The host is installed with Microsoft SharePoint Server 2007 or 2010 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to properly validate search scope permissions. Successful exploitation allows attackers to view or tamper with other users' search scopes.