Cross-site request forgery (CSRF) vulnerability in servlet/traveler in IBM Lotus Notes Traveler up to and including 8.5.3.3 Interim Fix 1 allows remote malicious users to hijack the authentication of arbitrary users for requests that create problem reports via a getReportProblem upload action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm lotus notes traveler 8.5.1.3 |
||
ibm lotus notes traveler 8.5.0.0 |
||
ibm lotus notes traveler 8.5.3 |
||
ibm lotus notes traveler 8.5.3.3 |
||
ibm lotus notes traveler 8.5.0.1 |
||
ibm lotus notes traveler 8.5.0.2 |
||
ibm lotus notes traveler 8.5.2.1 |
||
ibm lotus notes traveler 8.5.3.1 |
||
ibm lotus notes traveler 8.5.3.2 |
||
ibm lotus notes traveler 8.5.1.1 |
||
ibm lotus notes traveler 8.5.1.2 |