Cross-site request forgery (CSRF) vulnerability in the IBM BigFix Platform 9.0, 9.1, 9.2, and 9.5 before 9.5.2 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. IBM X-Force ID: 111363.
References
Link | Resource |
---|---|
http://www-01.ibm.com/support/docview.wss?uid=swg21985830 | Mitigation Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/111363 | VDB Entry Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2018-02-28 17:29
Updated : 2024-02-28 16:25
NVD link : CVE-2016-0295
Mitre link : CVE-2016-0295
CVE.ORG link : CVE-2016-0295
JSON object : View
Products Affected
ibm
- bigfix_platform
CWE
CWE-352
Cross-Site Request Forgery (CSRF)