cpe:/a:microfocus:cms_server:2018.05 CVE-2018-6497 2018-06-15T21:29:06.570-04:00 2019-10-09T19:41:52.127-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov SECTRACK 1041140 CONFIRM https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03180069 Remote Cross-site Request forgery (CSRF) potential has been identified in UCMBD Server version DDM Content Pack V 10.20, 10.21, 10.22, 10.22 CUP7, 10.30, 10.31, 10.32, 10.33, 10.33 CUP2, 11.0 and CMS Server version 2018.05 BACKGROUND which could allow for remote unsafe deserialization and cross-site request forgery (CSRF).