Cross-site request forgery (CSRF) vulnerability in the Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x prior to 5.0.2 ifix016, 6.0 and 6.0.1 prior to 6.0.1 ifix005, and 6.0.2 before ifix002 allows remote authenticated users to hijack the authentication of arbitrary users.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm jazz reporting service 5.0.1 |
||
ibm jazz reporting service 5.0 |
||
ibm jazz reporting service 6.0.2 |
||
ibm jazz reporting service 6.0.1 |
||
ibm jazz reporting service 6.0 |
||
ibm jazz reporting service 5.0.2 |