← back
CVE-2014-3058

CVE-2014-3058

EPSS 0.5%
Cross-site request forgery (CSRF) vulnerability on the IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/93532http://www-01.ibm.com/support/docview.wss?uid=swg1IT04614http://www-01.ibm.com/support/docview.wss?uid=swg21691035