2 matches found
CVE-2014-9300
CVE-2014-9300 corresponds to a CSRF vulnerability in the cmisbrowser servlet of Alfresco Community Edition prior to 5.0.a. The issue allows remote attackers to hijack user authentication for requests that access unintended URLs and extract user credentials via a URL parameter. Affected component:...
CVE-2014-9300
Cross-site request forgery CSRF vulnerability in the cmisbrowser servlet in Content Management Interoperability Service CMIS in Alfresco Community Edition before 5.0.a allows remote attackers to hijack the authentication of users for requests that access unauthorized URLs and obtain user...