Cross site request forgery (csrf)

2023-01-0400:15:00

PRIOn knowledge base

www.prio-n.com

ibm business automation workflow

cross-site request forgery

vulnerable

security advisory

8.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.5%

JSON

IBM Business Automation Workflow 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, and 22.0.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 238054.

CPENameOperatorVersion
business_automation_workfloweq21.0.2
business_automation_workfloweq21.0.3
business_automation_workfloweq21.0.1
business_automation_workfloweq22.0.1
business_automation_workfloweq22.0.1 if1
business_automation_workfloweq22.0.1 if2
business_automation_workfloweq22.0.1 if3
business_automation_workfloweq22.0.1 if4
business_automation_workfloweq22.0.1 if5
business_automation_workfloweq21.0.3 if1

Name	Operator	Version
business_automation_workflow	eq	21.0.2
business_automation_workflow	eq	21.0.3
business_automation_workflow	eq	21.0.1
business_automation_workflow	eq	22.0.1
business_automation_workflow	eq	22.0.1 if1
business_automation_workflow	eq	22.0.1 if2
business_automation_workflow	eq	22.0.1 if3
business_automation_workflow	eq	22.0.1 if4
business_automation_workflow	eq	22.0.1 if5
business_automation_workflow	eq	21.0.3 if1