CVE-2015-0115

Name of the Vulnerable Software and Affected Versions IBM Leads versions 7.x, 8.1.0 through 8.1.0.13, 8.2, 8.5.0 through 8.5.0.7.2, 8.6.0 through 8.6.0.8.0, 9.0.0 through 9.0.0.4, 9.1.0 through 9.1.0.6.0, 9.1.1 through 9.1.1.0.1

Description A cross-site request forgery (CSRF) issue allows remote authenticated users to hijack the authentication of customer accounts.

Recommendations For versions 7.x, update to a version outside of the affected range. For version 8.1.0, update to 8.1.0.14 or later. For version 8.2, update to a version outside of the affected range. For versions 8.5.0 through 8.5.0.7.2, update to 8.5.0.7.3 or later. For versions 8.6.0 through 8.6.0.8.0, update to 8.6.0.8.1 or later. For versions 9.0.0 through 9.0.0.4, update to a version outside of the affected range. For versions 9.1.0 through 9.1.0.6.0, update to 9.1.0.6.1 or later. For versions 9.1.1 through 9.1.1.0.1, update to 9.1.1.0.2 or later.