Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An unauthenticated information disclosure vulnerability exists in Newgen OmniDocs due to missing authentication and access control on the /omnidocs/GetListofCabinet API endpoint. A remote attacker can access this endpoint without valid credentials to retrieve sensitive internal configuration information, including cabinet names and database-related metadata. This allows unauthorized enumeration of backend deployment details and may facilitate further targeted attacks.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Newgen OmniDocs 安全漏洞
Vulnerability Description
Newgen OmniDocs是Newgen公司的一个企业内容管理套件。 Newgen OmniDocs存在安全漏洞,该漏洞源于/omnidocs/GetListofCabinet API端点缺少身份验证和访问控制,可能导致远程攻击者未经授权检索敏感内部配置信息。
CVSS Information
N/A
Vulnerability Type
N/A