Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows remote authenticated users to hijack the authentication of arbitrary users for requests that modify the set of available applications.
References
Link | Resource |
---|---|
http://www-01.ibm.com/support/docview.wss?uid=swg1LO90039 | Broken Link |
http://www-01.ibm.com/support/docview.wss?uid=swg21990864 | Patch Vendor Advisory |
http://www.securityfocus.com/bid/94332 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2016-11-30 11:59
Updated : 2024-02-28 15:44
NVD link : CVE-2016-3004
Mitre link : CVE-2016-3004
CVE.ORG link : CVE-2016-3004
JSON object : View
Products Affected
ibm
- connections
CWE
CWE-352
Cross-Site Request Forgery (CSRF)