2014-08-07 10:00:00
mitre
PUBLISHED
XBMC 13.0 uses world-readable permissions for .xbmc/userdata/sources.xml, which allows local users to obtain user names and passwords by reading this file.