CVE-2010-3890
IBM OmniFind Enterprise Edition (pre-9.1) contains multiple vulnerabilities tied to the administration interface. The primary issue CVE-2010-3890 is a Cross-Site Scripting (XSS) flaw where the GET parameter command in ESAdmin/collection.do is embedded into HTML without input validation, enabling ...