IBM.OmniFind.Security.Do.CSRF
Description
This indicates an attempt to exploit a Cross Site Request Forgery (CSRF) vulnerability in the administrator interface of IBM OmniFind Enterprise Edition.
The vulnerability is due to input validation errors in the "security.do" script. It can be exploited by attackers to cause malicious script code to be executed by a user's browser.
Affected Products
IBM OmniFind Enterprise Edition before 9.1
Impact
System Compromise: Remote script execution.
Recommended Actions
Contact your vendor for upgrade or patch information.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2021-01-11 | 16.995 |