Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in ESAdmin/security.do in the administrator interface in IBM OmniFind Enterprise Edition before 9.1 allows remote attackers to hijack the authentication of administrators for requests that add an administrative user via a saveNewUser action.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM ESAdmin/security.do文件跨站请求伪造漏洞
Vulnerability Description
IBM OmniFind Enterprise Edition提供可靠的企业内部网,公共Web站点和信息提取应用。 IBM OmniFind Enterprise Edition 9.1之前版本中的管理员界面中的ESAdmin/security.do文件中存在跨站请求伪造漏洞。远程攻击者可以借助saveNewUser操作劫持管理员请求添加管理用户的认证。
CVSS Information
N/A
Vulnerability Type
N/A