CVE-2014-6214

2015-03-1301:00:00

ibm

www.cve.org

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.8%

JSON

Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF15 and 8.5.0 before CF05 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

References

www-01.ibm.com/support/docview.wss?uid=swg1PI34987

www-01.ibm.com/support/docview.wss?uid=swg21697213

www.securitytracker.com/id/1031880