CVE-2014-3058

2014-12-11T11:59:00
ID CVE-2014-3058
Type cve
Reporter NVD
Modified 2017-08-28T21:34:37

Description

Cross-site request forgery (CSRF) vulnerability on the IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.