Cross-site request forgery (CSRF) vulnerability in the portlet subsystem in the administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47 and 7.0 before 7.0.0.27 allows remote attackers to hijack the authentication of arbitrary users for requests that insert cross-site scripting (XSS) sequences.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2013-01-27T18:00:00

Updated: 2024-08-06T14:25:10.357Z

Reserved: 2012-12-16T00:00:00

Link: CVE-2013-0460

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2013-01-27T18:55:02.820

Modified: 2024-11-21T01:47:37.750

Link: CVE-2013-0460

cve-icon Redhat

No data.