Cross-site request forgery (CSRF) vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
References
Link | Resource |
---|---|
http://www-01.ibm.com/support/docview.wss?uid=swg1PI44098 | Patch Vendor Advisory |
http://www-01.ibm.com/support/docview.wss?uid=swg1PI44105 | Patch Vendor Advisory |
http://www-01.ibm.com/support/docview.wss?uid=swg21966044 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: ibm
Published: 2015-10-04T01:00:00
Updated: 2015-10-04T02:57:01
Reserved: 2015-02-19T00:00:00
Link: CVE-2015-2026
JSON object: View
NVD Information
Status : Analyzed
Published: 2015-10-04T02:59:09.877
Modified: 2015-10-05T21:04:41.847
Link: CVE-2015-2026
JSON object: View
Redhat Information
No data.
CWE