CVE-2015-7407

2016-01-0221:00:00

ibm

www.cve.org

AI Score

8.7

Confidence

High

EPSS

0.001

Percentile

44.8%

JSON

Cross-site request forgery (CSRF) vulnerability in Lotus Mashups in IBM Mashup Center 3.0.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

References

www-01.ibm.com/support/docview.wss?uid=swg1IT12268

www-01.ibm.com/support/docview.wss?uid=swg21970299

www.securityfocus.com/bid/78455