SharePoint Permissions Privileges and Access Controls Vulnerability - CVE-2013-1290

Microsoft SharePoint Server 2013 in certain configurations involving legacy My Sites does not properly establish default access controls for a SharePoint list which allows remote authenticated users to bypass intended restrictions on reading list items via a direct request for a list39s location aka quotIncorrect Access Rights Information Disclosure Vulnerability.quot