Cross-site request forgery (CSRF) vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x prior to 8.6.3.1, in an unspecified non-default configuration, allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
ibm forms experience builder 8.5.0.0 |
||
ibm forms experience builder 8.5.1.1 |
||
ibm forms experience builder 8.6.1 |
||
ibm forms experience builder 8.6.1.1 |
||
ibm forms experience builder 8.6.2 |
||
ibm forms experience builder 8.6.2.1 |
||
ibm forms experience builder 8.5.1.0 |
||
ibm forms experience builder 8.6.0.0 |
||
ibm forms experience builder 8.6.3 |
Vulmon