Ektron CMS 9.10 SP1 - CSRF Vulnerability

Vulnerability type: Cross-site Request Forgery Vendor: http://www.ektron.com/ Product: Ektron Content Management System Affected version: = 9.10 SP1 Build 9.1.0.184.1.114 Patched version: 9.10 SP1 Build 9.1.0.184.1.120 CVE ID: CVE-2015-3624 Credit: Jerold Hoong PROOF OF CONCEPT CSRF Cross-site...

IBM Watson (Cognea) - XSS and Redirect Vulnerabilities

Vulnerability type: Cross-site Scripting & Redirect Vendor: www.ibm.com Product: IBM Watson Cloud Computing SaaS Cognea Product Link: http://www.ibm.com/smarterplanet/us/en/ibmwatson/ Credit: Jerold Hoong The logout.jsp page function of the IBM Watson Cognea SaaS application is vulnerable to...