CVE-2014-0929 Information

Description

Cross-site request forgery (CSRF) vulnerability in the Profiles component in IBM Connections through 3.0.1.1 CR3 allows remote authenticated users to hijack the authentication of arbitrary users for requests that trigger follow actions.

Reference

http://secunia.com/advisories/59046 http://www-01.ibm.com/support/docview.wss?uid=swg1LO79622 http://www-01.ibm.com/support/docview.wss?uid=swg21668509 https://exchange.xforce.ibmcloud.com/vulnerabilities/92261