Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-Site Request Forgery (CSRF) vulnerability in the /op/op.LockDocument.php in SeedDMS v5.1.x<5.1.23 and v6.0.x <6.0.16 allows a remote attacker to lock any document without victim's knowledge, by enticing an authenticated user to visit an attacker's web page.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SeedDMS 跨站请求伪造漏洞
Vulnerability Description
SeedDMS(前称LetoDMS和MyDMS)是一套基于PHP和MySql的开源文档管理系统。该系统主要用于存储和共享文档。 SeedDMS 5.1.x至5.1.23和6.0.x至6.0.16存在跨站请求伪造漏洞,该漏洞源于对应版本中的op. lockdocument .php文件。该漏洞允许远程攻击者引诱经过身份验证的用户访问攻击者的网页,在受害者不知情的情况下锁定任何文档。
CVSS Information
N/A
Vulnerability Type
N/A