CVE-2015-0127

Name of the Vulnerable Software and Affected Versions IBM Leads versions 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 through 9.0.0.4, 9.1.0 before 9.1.0.6.1, 9.1.1 before 9.1.1.0.2

Description The issue allows remote authenticated users to conduct phishing attacks via a crafted web site, due to improper restriction of use of FRAME elements.

Recommendations For versions 7.x, update to a version outside of the specified range. For version 8.1.0, update to 8.1.0.14 or later. For version 8.2, update to a version outside of the specified range. For versions 8.5.0, update to 8.5.0.7.3 or later. For versions 8.6.0, update to 8.6.0.8.1 or later. For versions 9.0.0, update to a version later than 9.0.0.4. For versions 9.1.0, update to 9.1.0.6.1 or later. For versions 9.1.1, update to 9.1.1.0.2 or later.