CSRF Vulnerabilities in IBM Curam Social Program Management
CVE-2014-6090
Currently unrated
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities exist in IBM Curam Social Program Management, specifically within the DataMappingEditorCommands, DatastoreEditorCommands, and IEGEditorCommands servlets. These flaws allow remote attackers to hijack the authentication of users. When exploited, they let an attacker send malicious requests that may insert XSS sequences, posing a significant risk to data integrity and user security.
Timeline
Vulnerability published
Vulnerability Reserved