Posted by Cosmin Maier on Jun 19

[-] Description
A malicious user can be able to bypass some of SpiderOak filters and retrieve sensitive information from database.
Revealing system data helps an adversary learn about the system and form a plan of attack.

[-] Proof-of-Concept
Full report available on YouTube: http://youtu.be/R_aT4kgB3PI <http://youtu.be/R_aT4kgB3PI>

[-] Notes
At the time this alert was first published, SpiderOak patched vulnerability and customers are…