CVE-2013-1088

Name of the Vulnerable Software and Affected Versions Novell iManager versions 2.7 through 2.7 before SP6 Patch 1

Description A cross-site request forgery issue exists due to improper request validation by iManager code within an Apache Tomcat container, allowing remote attackers to hijack the authentication of arbitrary users.

Recommendations For Novell iManager version 2.7, apply SP6 Patch 1 to resolve the issue.