CVE-2014-4785

Currently unrated

Key Information:

Vendor
IBM
Status
Initiate Master Data Service
Vendor
CVE Published:
10 September 2014

Summary

Cross-site request forgery (CSRF) vulnerability in IBM Initiate Master Data Service 9.5 before 9.5.093013, 9.7 before 9.7.093013, 10.0 before 10.0.093013, and 10.1 before 10.1.093013 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/95032
vdb-entryx_refsource_XF
http://www-01.ibm.com/support/docview.wss?uid=swg21682450
x_refsource_CONFIRM
http://secunia.com/advisories/60996
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.