CSRF Vulnerabilities in IBM Curam Social Program Management
CVE-2014-6090
Currently unrated
What is CVE-2014-6090?
Multiple cross-site request forgery (CSRF) vulnerabilities exist in IBM Curam Social Program Management, specifically in the DataMappingEditorCommands, DatastoreEditorCommands, and IEGEditorCommands servlets. These flaws can let a remote attacker hijack the authentication of users. When exploited, they enable the attacker to send malicious requests that may insert XSS sequences, posing a significant risk to data integrity and user security.