CVE-2015-5007

Name of the Vulnerable Software and Affected Versions IBM WebSphere Commerce versions 6.0 through 6.0.0.11 IBM WebSphere Commerce versions 7.0 through 7.0.0.9 IBM WebSphere Commerce 7.0 Feature Pack 8

Description A cross-site request forgery (CSRF) issue allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.

Recommendations For versions 6.0 through 6.0.0.11, update to a version outside of this range to resolve the issue. For versions 7.0 through 7.0.0.9, update to a version outside of this range to resolve the issue. For 7.0 Feature Pack 8, update to a version outside of this range to resolve the issue.