CVE-2012-5308
published 2012-10-08CVE-2012-5308: Cross-site request forgery (CSRF) vulnerability in servlet/traveler in IBM Lotus Notes Traveler through 8.5.3.3 Interim Fix 1 allows remote attackers to hijack…
medium6.8CVSS 3.1
AVNACMAuNCPIPAP
Cross-site request forgery (CSRF) vulnerability in servlet/traveler in IBM Lotus Notes Traveler through 8.5.3.3 Interim Fix 1 allows remote attackers to hijack the authentication of arbitrary users for requests that create problem reports via a getReportProblem upload action.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | lotus_notes_traveler | — | — |
| ibm | lotus_notes_traveler | — | — |
| ibm | lotus_notes_traveler | — | — |
| ibm | lotus_notes_traveler | — | — |
| ibm | lotus_notes_traveler | — | — |
| ibm | lotus_notes_traveler | — | — |
| ibm | lotus_notes_traveler | — | — |
| ibm | lotus_notes_traveler | — | — |
| ibm | lotus_notes_traveler | — | — |
| ibm | lotus_notes_traveler | — | — |
| ibm | lotus_notes_traveler | — | — |