CSRF in Ibm Websphere_extreme_scale
CVE-2015-2026
Cross-site request forgery (CSRF) vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS seq…
Vulnerability class: CSRF (Cross-Site Request Forgery)
EPSS: 0.005 (41.2th percentile) — read the EPSS interpretation.
Affected products
- Ibm Websphere_extreme_scale — versions 7.1.0, 7.1.0.2, 7.1.1
- N/a — versions n/a
Weakness classification (CWE)
References
- psirt@us.ibm.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
- psirt@us.ibm.com (vendor-advisory, Patch, Vendor Advisory, x_refsource_AIXAPAR)
- psirt@us.ibm.com (vendor-advisory, Patch, Vendor Advisory, x_refsource_AIXAPAR)