2 matches found
Security Bulletin: IBM Cúram Social Program Management is vulnerable to cross-site request forgery attacks (CVE-2014-6090).
Summary: IBM Cúram Social Program Management contains a number of servlets which do not adequately protect against CSRF. This could potentially allow an attacker to affect the integrity of data managed by these servlets. Vulnerability Details: CVEID: CVE-2014-6090 DESCRIPTION: IBM Cúram Social...
CVE-2014-6090
CVE-2014-6090 affects IBM Cúram SPM (DataMappingEditorCommands, DatastoreEditorCommands, IEGEditorCommands) across multiple versions (5.2 SP6 before EP6; 6.0 SP2 before EP26; 6.0.3/6.0.4/6.0.5 before respective iFix/EP levels). The root cause is CSRF in these servlets, allowing remote attackers t...