CVE-2021-36542

2021-08-0318:09:48

mitre

www.cve.org

5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.2%

JSON

Cross-Site Request Forgery (CSRF) vulnerability in the /op/op.LockDocument.php in SeedDMS v5.1.x<5.1.23 and v6.0.x <6.0.16 allows a remote attacker to lock any document without victim’s knowledge, by enticing an authenticated user to visit an attacker’s web page.

References

medium.com/%40cyberdivision/cve-2021-36542-a07585497eb8