CSRF in Ibm Lotus_domino

CVE-2013-0489

Cross-site request forgery (CSRF) vulnerability in webadmin.nsf (aka the Web Administrator client) in IBM Domino 8.5.x allows remote authenticated users to hijack the authentication of administrators.

Vulnerability class: CSRF (Cross-Site Request Forgery)

EPSS: 0.001 (26.1th percentile) — read the EPSS interpretation.

Affected products

Ibm Lotus_domino — versions 8.5.0, 8.5.0.1, 8.5.1
N/a — versions n/a

Weakness classification (CWE)

CWE-352 — Cross-Site Request Forgery (CSRF)

References

domino-webadmin-csrf(81854) (vdb-entry, x_refsource_XF)
psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)