Multiple cross-site request forgery (CSRF) vulnerabilities in IBM TRIRIGA Application Platform 2.x and 3.x prior to 3.3, and 8, allow remote malicious users to hijack the authentication of arbitrary users for requests that modify data records via vectors involving (1) the html/en/default/ directory or (2) sqa/html/en/default/process/comm/saveProps.jsp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm tririga application platform 2.6 |
||
ibm tririga application platform 2.5 |
||
ibm tririga application platform 2.1 |
||
ibm tririga application platform 3.2.1 |
||
ibm tririga application platform 3.1 |
||
ibm tririga application platform 3.0 |
||
ibm tririga application platform 2.7 |
||
ibm tririga application platform 3.2 |
||
ibm tririga application platform 8.0 |