CSRF Vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x

CVE-2016-2884 · MEDIUM Severity

AV:N/AC:M/AU:S/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x before 8.6.3.1, in an unspecified non-default configuration, allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.

Learn more about our Cis Benchmark Audit For Ibm I.