Cross-Site Request Forgery Vulnerability in IBM TRIRIGA Application Platform
CVE-2016-0348

8 HIGH

Key Information:

Vendor: IBM
CVE Published: 21 February 2018

Summary

The IBM TRIRIGA Application Platform is vulnerable to cross-site request forgery (CSRF), which allows attackers to hijack the authentication of users. This can enable unauthorized actions to be performed on behalf of the user, in particular the insertion of cross-site scripting (XSS) sequences. The affected versions are 3.3, 3.3.1, 3.3.2, and 3.4; users of these versions should ensure their systems are updated to mitigate the risk of exploitation.

CVSS V3.1

Score: 8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
