Atstake Security Advisory A092804-1 – In the default installation of Vignette portal software, the utility is not secured against anonymous and unauthenticated access. Since many portal deployments are on the Internet or exposed to untrusted networks, this results in an information disclosure vulnerability.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/34524/a092804-1.txt
Source: https://packetstormsecurity.com/files/34524/Atstake-Security-Advisory-04-09-28.1.html