Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF15 and 8.5.0 before CF05 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:13
Type | Values Removed | Values Added |
---|---|---|
References | () http://www-01.ibm.com/support/docview.wss?uid=swg1PI34987 - | |
References | () http://www-01.ibm.com/support/docview.wss?uid=swg21697213 - Patch, Vendor Advisory | |
References | () http://www.securitytracker.com/id/1031880 - |
Information
Published : 2015-03-13 01:59
Updated : 2024-11-21 02:13
NVD link : CVE-2014-6214
Mitre link : CVE-2014-6214
CVE.ORG link : CVE-2014-6214
JSON object : View
Products Affected
ibm
- websphere_portal
CWE
CWE-352
Cross-Site Request Forgery (CSRF)