An attacker using this vulnerability can request and
download files within an ASP.NET Application like the web.config file (which
often contains sensitive data).
At attacker exploiting this vulnerability can also decrypt
data sent to the client in an encrypted state (like ViewState data within a
page).