CVE-2016-2889

2016-07-07T21:59:10
ID CVE-2016-2889
Type cve
Reporter NVD
Modified 2016-11-28T15:05:27

Description

Cross-site request forgery (CSRF) vulnerability in the Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2 ifix016, 6.0 and 6.0.1 before 6.0.1 ifix005, and 6.0.2 before ifix002 allows remote authenticated users to hijack the authentication of arbitrary users.