Unrated severityNVD Advisory· Published May 22, 2024· Updated Feb 13, 2025
CVE-2024-35475
CVE-2024-35475
Description
A Cross-Site Request Forgery (CSRF) vulnerability was discovered in OpenKM Community Edition on or before version 6.3.12. The vulnerability exists in /admin/DatabaseQuery, which allows an attacker to manipulate a victim with administrative privileges to execute arbitrary SQL commands.
Affected products
2- OpenKM/OpenKM Community Editiondescription
Patches
Vulnerability mechanics
News mentions
0No linked articles in our index yet.