Friday, September 11, 2020
CVE-2020-25252
nist.gov
In: nist.gov
An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. CSRF can be used to log in a user, and then perform actions, because there are default credentials (the wstinol password for the manager or hsi account). CVE-2020-25252