CVE-2021-26216

Name of the Vulnerable Software and Affected Versions SeedDMS versions 5.1.x

Description The issue is related to cross-site request forgery (CSRF) in the out.EditFolder.php file. This means an attacker could potentially trick a user into performing unintended actions on the web application.

Recommendations For SeedDMS version 5.1.x, consider restricting access to the out.EditFolder.php file until a patch is available. As a temporary workaround, implement additional validation and verification for requests to prevent unauthorized actions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.