Ibm: >> Mashups Center Security Vulnerabilities
Cross-site request forgery (CSRF) vulnerability in Lotus Mashups in IBM Mashup Center 3.0.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.
CVSS Score
8.8
EPSS Score
0.001
Published
2016-01-02
The Lotus Mashups component in IBM Mashup Center 3.0.0.1 allows remote authenticated users to cause a denial of service (CPU consumption) via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CVSS Score
7.7
EPSS Score
0.008
Published
2016-01-02