CVE-2014-6077 Information

Feb 14, 2021 cve

Description

Cross-site request forgery (CSRF) vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg1IV67358 http://www-01.ibm.com/support/docview.wss?uid=swg1IV67581 http://www-01.ibm.com/support/docview.wss?uid=swg21684475 https://exchange.xforce.ibmcloud.com/vulnerabilities/95730

Share on: