Description

Multiple cross-site request forgery (CSRF) vulnerabilities in unspecified services in IBM Rational Team Concert (RTC) 4.x before 4.0.0.1 allow remote attackers to hijack the authentication of arbitrary users for requests that modify work items.

Remediation

References

CVE-2012-0748

Related Vulnerabilities

WordPress Plugin Aviary Image Editor Add-on For Gravity Forms Arbitrary File Upload (3.0)

MediaWiki Use of Insufficiently Random Values Vulnerability (CVE-2023-22912)

XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2022-23616)

WordPress Plugin Awesome Support-WordPress HelpDesk & Support Cross-Site Scripting (5.8.0)

PleskLin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11583)

Severity

Medium

Classification

CVE-2012-0748 CWE-352

Tags

Missing Update Known Vulnerabilities