CVE-2013-2993
IBM WebSphere Commerce 6.x up to 6.0.0.11 and 7.x up to 7.0.0.7 contains an authentication flaw in unspecified web services. The issue allows remote attackers to issue requests in the context of an arbitrary user’s active session via unknown vectors. Affected component is the authentication handl...