Cross-site request forgery (CSRF) vulnerability in the cmisbrowser servlet in Content Management Interoperability Service (CMIS) in Alfresco Community Edition prior to 5.0.a allows remote malicious users to hijack the authentication of users for requests that access unauthorized URLs and obtain user credentials via a URL in the url parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
alfresco alfresco |