CVE-2014-4816

2014-09-23T22:55:00
ID CVE-2014-4816
Type cve
Reporter cve@mitre.org
Modified 2017-08-29T01:35:00

Description

Cross-site request forgery (CSRF) vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 6.x through 6.1.0.47, 7.0 before 7.0.0.35, 8.0 before 8.0.0.10, and 8.5 before 8.5.5.4 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.