CVE-2015-0127 Information

Description

IBM Leads 7.x 8.1.0 before 8.1.0.14 8.2 8.5.0 before 8.5.0.7.3 8.6.0 before 8.6.0.8.1 9.0.0 through 9.0.0.4 9.1.0 before 9.1.0.6.1 and 9.1.1 before 9.1.1.0.2 does not properly restrict use of FRAME elements which allows remote authenticated users to conduct phishing attacks via a crafted web site.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg21902807