CVE-2016-0348

EUVD-2016-0383
Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3, 3.3.1, 3.3.2, and 3.4 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. IBM X-Force ID: 111813.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 26%
Affected Products (NVD)
VendorProductVersion
ibmtririga_application_platform
3.3.0.0
ibmtririga_application_platform
3.3.1.0
ibmtririga_application_platform
3.3.2.0
ibmtririga_application_platform
3.4.0.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21980237
https://exchange.xforce.ibmcloud.com/vulnerabilities/111813
http://www-01.ibm.com/support/docview.wss?uid=swg21980237
https://exchange.xforce.ibmcloud.com/vulnerabilities/111813