Cross-site request forgery (CSRF) vulnerability in birtviewer.query in IBM TRIRIGA Application Platform 3.2 and 3.3 before 3.3.0.2, 3.3.1 before 3.3.1.3, 3.3.2 before 3.3.2.2, and 3.4 before 3.4.0.1 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: ibm
Published: 2014-10-29T10:00:00
Updated: 2024-08-06T11:27:36.907Z
Reserved: 2014-07-09T00:00:00
Link: CVE-2014-4839
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-10-29T10:55:04.540
Modified: 2017-08-29T01:35:09.890
Link: CVE-2014-4839
Redhat
No data.