Cross-Site Request Forgery Vulnerability in IBM TRIRIGA Application Platform
CVE-2016-0348
8HIGH
Summary
A vulnerability exists in the IBM TRIRIGA Application Platform that allows attackers to exploit cross-site request forgery to hijack the authentication of users. This can enable unauthorized actions to be performed on behalf of the user, particularly the insertion of cross-site scripting (XSS) sequences, potentially compromising security. The affected versions are 3.3, 3.3.1, 3.3.2, and 3.4, making it crucial for users to ensure their systems are updated to mitigate the risk of exploitation.
References
CVSS V3.1
Score:
8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved