CSRF Vulnerabilities in IBM Curam Social Program Management
CVE-2014-6090

Currently unrated

Key Information:

Vendor: IBM
CVE Published: 27 April 2015

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities exist in IBM Curam Social Program Management, specifically in the DataMappingEditorCommands, DatastoreEditorCommands, and IEGEditorCommands servlets. These flaws allow remote attackers to hijack the authentication of users. An attacker who exploits them can send forged requests that may insert XSS sequences, which puts data integrity and user security at significant risk.

Timeline

  • Vulnerability published

  • Vulnerability Reserved
