Cross-site request forgery (CSRF) vulnerability in ESAdmin/security.do in the administrator interface in IBM OmniFind Enterprise Edition prior to 9.1 allows remote malicious users to hijack the authentication of administrators for requests that add an administrative user via a saveNewUser action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm omnifind 8.4 |
||
ibm omnifind 8.5 |
||
ibm omnifind 8.0 |
||
ibm omnifind |