Cross-site request forgery (CSRF) vulnerability in Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service (JRS) 6.0 prior to 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm jazz reporting service 6.0 |