3 matches found
CVE-2014-9302
Server-side request forgery SSRF vulnerability in the cmisbrowser servlet in Content Management Interoperability Service CMIS in Alfresco Community Edition 5.0.a and earlier allows remote attackers to trigger outbound requests via a crafted URI in the url parameter...
CVE-2014-9302
CVE-2014-9302 describes a server-side request forgery (SSRF) in the cmisbrowser servlet of CMIS in Alfresco Community Edition 5.0.a and earlier. The vulnerability allows remote attackers to trigger outbound requests by providing a crafted value in the url parameter. Affected component: cmisbrowse...
CVE-2014-9300
Cross-site request forgery CSRF vulnerability in the cmisbrowser servlet in Content Management Interoperability Service CMIS in Alfresco Community Edition before 5.0.a allows remote attackers to hijack the authentication of users for requests that access unauthorized URLs and obtain user...