CVE-2016-0348

Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3, 3.3.1, 3.3.2, and 3.4 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. IBM X-Force ID: 111813.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 40%
VendorProductVersion
ibmtririga_application_platform
3.3.0.0
ibmtririga_application_platform
3.3.1.0
ibmtririga_application_platform
3.3.2.0
ibmtririga_application_platform
3.4.0.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21980237
https://exchange.xforce.ibmcloud.com/vulnerabilities/111813
http://www-01.ibm.com/support/docview.wss?uid=swg21980237
https://exchange.xforce.ibmcloud.com/vulnerabilities/111813