Unrated severityNVD Advisory· Published Sep 27, 2011· Updated Jun 16, 2026
CVE-2011-3645
CVE-2011-3645
Description
Newgen OmniDocs allows remote attackers to bypass intended access restrictions via (1) a modified FolderRights parameter to doccab/doclist.jsp, which leads to arbitrary permission changes; or (2) a modified UserIndex parameter to doccab/userprofile/editprofile.jsp, which selects the settings page of an arbitrary user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:newgensoft:omnidocs:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:newgensoft:omnidocs:*:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.