CVE-2021-38868

Name of the Vulnerable Software and Affected Versions IBM Engineering Requirements Quality Assistant On-Premises (All versions)

Description The issue allows an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts due to cross-site request forgery.

Recommendations For IBM Engineering Requirements Quality Assistant On-Premises, consider implementing anti-CSRF measures, such as token-based validation, to prevent unauthorized actions. As a temporary workaround, restrict access to sensitive operations that could be exploited through cross-site request forgery until a more permanent solution is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.