The host is installed with Microsoft SharePoint Server 2013 and is prone to information disclosure vulnerability. A flaw is present in the application, which is caused by the way that SharePoint, by default, applies access controls to a SharePoint list. Successful exploitation allows attackers to gain access to documents to which the attacker would not otherwise have access.