Permissive Cross-domain Policy with Untrusted Domains vulnerability in local API server of DestinyECM solution(versions described below) which is developed and maintained by Cyberdigm may allow Cross-Site Request Forgery (CSRF) attack, which probabilistically enables JSON Hijacking (aka JavaScript Hijacking) via forgery web page.* Due to product customization, version information may differ from the following version description. For further inquiries, please contact the vendor.
2025-04-07T06:15:39.167
2025-04-07T14:17:50.220
Awaiting Analysis
09832df1-09c1-45b4-8a85-16c601d30feb
CVSSv3.1: 8.8 (HIGH)
-