IBM TRIRIGA Application Platform CVE-2012-5949 Multiple Link Injection Security Vulnerabilities
BID:58959
Info
IBM TRIRIGA Application Platform CVE-2012-5949 Multiple Link Injection Security Vulnerabilities
| Bugtraq ID: | 58959 |
| Class: | Input Validation Error |
| CVE: |
CVE-2012-5949 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 08 2013 12:00AM |
| Updated: | Apr 08 2013 12:00AM |
| Credit: | IBM |
| Vulnerable: |
IBM TRIRIGA Application Platform 3.2.1 IBM TRIRIGA Application Platform 3.2 IBM TRIRIGA Application Platform 3.1 IBM TRIRIGA Application Platform 3.0 IBM TRIRIGA Application Platform 2.7 IBM TRIRIGA Application Platform 2.6 IBM TRIRIGA Application Platform 2.5 IBM TRIRIGA Application Platform 2.1 |
| Not Vulnerable: |
IBM TRIRIGA Application Platform 3.3 |
Discussion
IBM TRIRIGA Application Platform CVE-2012-5949 Multiple Link Injection Security Vulnerabilities
IBM TRIRIGA Application Platform is prone to multiple link injection vulnerabilities.
Attackers can exploit these issues to inject arbitrary links to different pages within the application. This may allow an attacker to perform phishing attacks by presenting false information that may appear to be legitimate application pages.
IBM TRIRIGA Application Platform is prone to multiple link injection vulnerabilities.
Attackers can exploit these issues to inject arbitrary links to different pages within the application. This may allow an attacker to perform phishing attacks by presenting false information that may appear to be legitimate application pages.
Exploit / POC
IBM TRIRIGA Application Platform CVE-2012-5949 Multiple Link Injection Security Vulnerabilities
An attacker can exploit this issue using a web browser.
An attacker can exploit this issue using a web browser.
References
IBM TRIRIGA Application Platform CVE-2012-5949 Multiple Link Injection Security Vulnerabilities
References:
References: