CVE-2020-4773

Name of the Vulnerable Software and Affected Versions IBM Curam Social Program Management versions 7.0.9 through 7.0.10

Description A cross-site request forgery (CSRF) issue may force a user to execute unwanted actions on the web application while they are currently authenticated. This issue applies to a single server class only, with no impact to the remainder of the web application.

Recommendations For versions 7.0.9 and 7.0.10, consider implementing anti-CSRF measures, such as token-based validation, to prevent unwanted actions on the web application. As a temporary workaround, restrict access to the affected server class to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.