CVE-2011-1839
IBM Rational Build Forge 7.1.0 is vulnerable because it uses HTTP GET during redirection from the authentication servlet to a PHP script, enabling context-dependent attackers to discover session IDs by reading web-server access logs, Referer logs, or browser history. Affected component: the authe...