CSRF Vulnerability in IBM Jazz Reporting Service (JRS) 6.0 Allows Remote User Hijacking and XSS Insertion

CSRF Vulnerability in IBM Jazz Reporting Service (JRS) 6.0 Allows Remote User Hijacking and XSS Insertion

CVE-2015-7465 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability in Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service (JRS) 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.

Learn more about our Cis Benchmark Audit For Ibm I.