Cross-Site Request Forgery Vulnerability in IBM Lotus Notes Traveler
CVE-2012-5308

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Notes Traveler
Vendor: CVE Published:; 8 October 2012

Summary

A Cross-Site Request Forgery (CSRF) vulnerability exists in IBM Lotus Notes Traveler, affecting versions up to and including 8.5.3.3 Interim Fix 1. This security flaw allows remote attackers to leverage the vulnerability to hijack the authentication of users, manipulating them into generating problem reports through unauthorized requests that utilize the getReportProblem upload action.

References

http://archives.neohapsis.com/archives/fulldisclosure/201...

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Oct 8, 2012