IBM Standards Processing Information Disclosure Vulnerability

Ibm Standards Processing Engine (Ibm Transformation Extender Advanced) is a document conversion software from Ibm, Inc. A security vulnerability exists in IBM Standards Processing, which stems from the fact that the engine does not set security attributes on authorization tokens or session cookies. An attacker could obtain the cookie value by sending a ““http://”” link to the user or by planting this link in the site the user visits.