CVE-2015-7465

2016-01-1002:00:00

ibm

www.cve.org

AI Score

8.5

Confidence

High

EPSS

0.002

Percentile

51.8%

JSON

Cross-site request forgery (CSRF) vulnerability in Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service (JRS) 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.

References

www-01.ibm.com/support/docview.wss?uid=swg21972484