Vulnerability CVE-2024-35475
Published: 2024-05-22

Description:
A Cross-Site Request Forgery (CSRF) vulnerability was discovered in OpenKM Community Edition on or before version 6.3.12. The vulnerability exists in /admin/DatabaseQuery, which allows an attacker to manipulate a victim with administrative privileges to execute arbitrary SQL commands.

 References:
https://github.com/carsonchan12345/OpenKM-CSRF-PoC
Copyright 2026, cxsecurity.com

 

Back to Top