CVE-2016-0295

Cross-site request forgery (CSRF) vulnerability in the IBM BigFix Platform 9.0, 9.1, 9.2, and 9.5 before 9.5.2 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. IBM X-Force ID: 111363.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:bigfix_platform:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:bigfix_platform:9.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:bigfix_platform:9.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:bigfix_platform:9.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-02-28 17:29

Updated : 2024-02-28 16:25


NVD link : CVE-2016-0295

Mitre link : CVE-2016-0295

CVE.ORG link : CVE-2016-0295


JSON object : View

Products Affected

ibm

  • bigfix_platform
CWE
CWE-352

Cross-Site Request Forgery (CSRF)