CVE-2016-2863 (websphere_commerce)

Posted on 2016년 7월 4일2016년 7월 7일 by admin

Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Commerce 7.0 Feature Pack 8, 8.0.0.x before 8.0.0.10, and 8.0.1.x before 8.0.1.2 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.

Source: CVE-2016-2863 (websphere_commerce)

답글 남기기 응답 취소