CVE-2015-2026

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Extreme Scale
Vendor: CVE Published:; 4 October 2015

Summary

Cross-site request forgery (CSRF) vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21966044

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg1PI44105

vendor-advisoryx_refsource_AIXAPAR

http://www-01.ibm.com/support/docview.wss?uid=swg1PI44098

vendor-advisoryx_refsource_AIXAPAR

Timeline

Vulnerability published
Oct 4, 2015
Vulnerability Reserved
Feb 19, 2015