漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Cross-Site Request Forgery (CSRF) in KTM System e-BOK
Vulnerability Description
KTM System e-BOK is vulnerable to Cross‑Site Request Forgery (CSRF) in both the email-change and password-change functionalities. An attacker can craft a malicious website that, when visited by an authenticated user, automatically sends a forged POST request to the application. This allows the attacker to trigger an unauthorized email or password change on behalf of the victim without their knowledge or interaction. This issue was fixed in the patch published in June 2026.
CVSS Information
N/A
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
KTM System e-BOK 跨站请求伪造漏洞
Vulnerability Description
KTM System e-BOK是KTM System公司的一款电子出纳管理软件。 KTM System e-BOK 06.2026之前版本存在跨站请求伪造漏洞,该漏洞源于跨站请求伪造,可能导致攻击者通过恶意网站自动发送伪造POST请求,触发未授权的邮箱或密码更改。
CVSS Information
N/A
Vulnerability Type
N/A