The web container in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security Pack does not properly perform access control for requests, which allows remote attackers to spoof a localhost request origin via crafted headers.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2012-06-22T10:00:00

Updated: 2024-08-06T18:16:19.329Z

Reserved: 2011-12-14T00:00:00

Link: CVE-2012-0191

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2012-06-22T10:24:05.973

Modified: 2017-08-29T01:30:51.630

Link: CVE-2012-0191

cve-icon Redhat

No data.