Cross-site Request Forgery in IBM Leads by IBM
CVE-2015-0115

Currently unrated

Key Information:

Vendor: IBM
Status: Leads
Vendor: CVE Published:; 28 June 2015

Summary

A Cross-site Request Forgery (CSRF) vulnerability exists in IBM Leads, allowing remote authenticated users to exploit the security of customer accounts. Attackers could potentially hijack user sessions, leading to unauthorized actions being performed on behalf of the users without their consent. This vulnerability impacts several versions of the IBM Leads software, highlighting the importance of timely updates and security patches.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21902807

x_refsource_CONFIRM

Timeline

Vulnerability published
Jun 28, 2015
Vulnerability Reserved
Nov 18, 2014