Vulnerability Details CVE-2024-35475
A Cross-Site Request Forgery (CSRF) vulnerability was discovered in OpenKM Community Edition on or before version 6.3.12. The vulnerability exists in /admin/DatabaseQuery, which allows an attacker to manipulate a victim with administrative privileges to execute arbitrary SQL commands.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.5%
CVSS Severity
CVSS v3 Score 6.4
References