CVE-2014-3061
IBM Emptoris Spend Analysis is affected by a CSRF vulnerability (CVE-2014-3061) in 9.5.x before 9.5.0.4, 10.0.1.x before 10.0.1.3, and 10.0.2.x before 10.0.2.4. The issue allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. Root cause is ...