VYPR
Unrated severityNVD Advisory· Published May 22, 2024· Updated Feb 13, 2025

CVE-2024-35475

CVE-2024-35475

Description

A Cross-Site Request Forgery (CSRF) vulnerability was discovered in OpenKM Community Edition on or before version 6.3.12. The vulnerability exists in /admin/DatabaseQuery, which allows an attacker to manipulate a victim with administrative privileges to execute arbitrary SQL commands.

Affected products

2
  • OpenKM/OpenKM Community Editiondescription
  • Openkm/Openkmllm-fuzzy
    Range: <=6.3.12

Patches

Vulnerability mechanics

News mentions

0

No linked articles in our index yet.

CVE-2024-35475 · VYPR