Cross-site request forgery (CSRF) vulnerability in IBM Emptoris Spend Analysis 9.5.x before 9.5.0.4, 10.0.1.x before 10.0.1.3, and 10.0.2.x before 10.0.2.4 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: ibm
Published: 2014-08-26T14:00:00
Updated: 2017-08-28T12:57:01
Reserved: 2014-04-29T00:00:00
Link: CVE-2014-3061
JSON object: View
NVD Information
Status : Modified
Published: 2014-08-26T14:55:05.813
Modified: 2017-08-29T01:34:37.437
Link: CVE-2014-3061
JSON object: View
Redhat Information
No data.
CWE