Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Access Control In DestinyECM
Vulnerability Description
Permissive Cross-domain Policy with Untrusted Domains vulnerability in local API server of DestinyECM solution(versions described below) which is developed and maintained by Cyberdigm may allow Cross-Site Request Forgery (CSRF) attack, which probabilistically enables JSON Hijacking (aka JavaScript Hijacking) via forgery web page.* Due to product customization, version information may differ from the following version description. For further inquiries, please contact the vendor.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
Cyberdigm DestinyECM 安全漏洞
Vulnerability Description
Cyberdigm DestinyECM是Cyberdigm公司的u200b一款应用程序。 Cyberdigm DestinyECM存在安全漏洞,该漏洞源于跨域策略过于宽松,可能导致跨站请求伪造攻击。
CVSS Information
N/A
Vulnerability Type
N/A