CVE-2015-0116 Information

Description

IBM Leads 7.x 8.1.0 before 8.1.0.14 8.2 8.5.0 before 8.5.0.7.3 8.6.0 before 8.6.0.8.1 9.0.0 through 9.0.0.4 9.1.0 before 9.1.0.6.1 and 9.1.1 before 9.1.1.0.2 does not properly restrict the addition of links which makes it easier for remote authenticated users to conduct cross-site request forgery (CSRF) attacks via unspecified vectors.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg21902807