Cross site request forgery (csrf)

2016-11-3011:59:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

26.0%

JSON

Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows remote authenticated users to hijack the authentication of arbitrary users for requests that modify the set of available applications.

CPENameOperatorVersion
connectionseq4.5.0.0
connectionseq5.0.0.0
connectionseq4.0.0.0

Name	Operator	Version
connections	eq	4.5.0.0
connections	eq	5.0.0.0
connections	eq	4.0.0.0

References

www-01.ibm.com/support/docview.wss?uid=swg1LO90039

www-01.ibm.com/support/docview.wss?uid=swg21990864

www.securityfocus.com/bid/94332