Vulnerabilities > IBM > Mashups Center
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-01-02 | CVE-2015-7407 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Mashups Center 3.0.0.1 Cross-site request forgery (CSRF) vulnerability in Lotus Mashups in IBM Mashup Center 3.0.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. | 8.8 |
2016-01-02 | CVE-2015-7400 | Resource Management Errors vulnerability in IBM Mashups Center 3.0.0.1 The Lotus Mashups component in IBM Mashup Center 3.0.0.1 allows remote authenticated users to cause a denial of service (CPU consumption) via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 7.7 |