2006-09-27 23:00:00
mitre
PUBLISHED
Google Mini 4.4.102.M.36 and earlier allows remote attackers to obtain sensitive information via a direct request for /search with an invalid client parameter, which reveals the path in an error message.