CVE-2015-0145

Name of the Vulnerable Software and Affected Versions IBM OpenPages GRC Platform versions 6.2 before IF7 IBM OpenPages GRC Platform versions 6.2.1 before 6.2.1.1 IF5 IBM OpenPages GRC Platform versions 7.0 before FP4 IBM OpenPages GRC Platform versions 7.1 before FP1

Description A cross-site request forgery (CSRF) issue allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.

Recommendations For IBM OpenPages GRC Platform version 6.2 before IF7, update to a version that includes IF7 or later. For IBM OpenPages GRC Platform version 6.2.1 before 6.2.1.1 IF5, update to a version that includes 6.2.1.1 IF5 or later. For IBM OpenPages GRC Platform version 7.0 before FP4, update to a version that includes FP4 or later. For IBM OpenPages GRC Platform version 7.1 before FP1, update to a version that includes FP1 or later.