PT-2015-4113 · IBM · IBM TRIRIGA Application Platform
Published 2015-01-29 · Updated 2017-09-08 · CVE-2014-8894
CVSS v2.0: 4.9 (Medium)
Vector: AV:N/AC:M/Au:S/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions
IBM TRIRIGA Application Platform versions 3.2.1.x through 3.3.2 before 3.3.2.3
IBM TRIRIGA Application Platform version 3.4.1 before 3.4.1.1
Description
The issue allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via the out parameter. This can be exploited by manipulating the out parameter to redirect users to malicious sites.
Recommendations
For IBM TRIRIGA Application Platform versions 3.2.1.x, update to version 3.3.2.3 or later to resolve the issue.
For IBM TRIRIGA Application Platform version 3.3.2 before 3.3.2.3, update to version 3.3.2.3 or later to resolve the issue.
For IBM TRIRIGA Application Platform version 3.4.1 before 3.4.1.1, update to version 3.4.1.1 or later to resolve the issue.
Related Identifiers
Affected Products
IBM TRIRIGA Application Platform