I, Librarian version <=4.6 & 4.7 is vulnerable to Server-Side Request Forgery in the ajaxsupplement.php resulting in the attacker being able to reset any user's password.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
i-librarian i librarian 4.7 |
||
i-librarian i librarian |