CVE-2013-0540
CVE-2013-0540 : IBM WebSphere Application Server Liberty Profile 8.5 before 8.5.0.2 has an authentication cookie validation flaw when SSL is not enabled, allowing remote authenticated users to bypass access controls via an HTTP session. The connected IBM advisories indicate the remediation is to ...