CSRF Vulnerability in IBM Jazz Reporting Service (JRS) 6.0 Allows Remote User Hijacking and XSS Insertion
CVE-2015-7465 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
Cross-site request forgery (CSRF) vulnerability in Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service (JRS) 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Learn more about our Cis Benchmark Audit For Ibm I.