CVE-2012-4853 Information

Description

Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Application Server 6.1 before 6.1.0.45 7.0 before 7.0.0.25 8.0 before 8.0.0.5 and 8.5 before 8.5.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger information disclosure.

Reference

http://www.ibm.com/support/docview.wss?uid=swg21614265 http://www.securityfocus.com/bid/56458 http://www-01.ibm.com/support/docview.wss?uid=swg1PM62920 https://exchange.xforce.ibmcloud.com/vulnerabilities/79598 was-wasrequrl-csrf(79598)