漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
N/A
漏洞信息
Multiple cross-site request forgery (CSRF) vulnerabilities in Xythos Enterprise Document Manager (XEDM) before 5.0.25.8, and 6.x before 6.0.46.1, allow remote authenticated users to execute commands as arbitrary users via (1) a saved Workflow name or (2) the Content-Type HTTP header. NOTE: item 2 also affects the same version numbers of Xythos Digital Locker (XDL). One or both vectors might also affect Xythos WebFile Server.
漏洞信息
N/A
漏洞
N/A
漏洞
Xythos Enterprise Document Manager 跨站请求伪造漏洞
漏洞信息
Xythos Enterprise Document Manager中存在多个跨站请求伪造漏洞。远程认证用户可以借助(1)一个保存的Workflow名或(2)Content-Type HTTP头,以任意用户的身份执行指令。
漏洞信息
N/A
漏洞
N/A