TADDM fails to properly check for authorization when allowing a user to view BIRT reports. It is possible to bypass authorization in the application via parameters manipulation in the BIRT reporting URL. CVE(s): CVE-2013-2974 Affected...
via IBM Product Security Incident Response Team http://ibm.co/1a2i6cO
via IBM Product Security Incident Response Team http://ibm.co/1a2i6cO
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.