Unrated severityNVD Advisory· Published Jun 28, 2015· Updated Jun 17, 2026
CVE-2015-0115
CVE-2015-0115
Description
Cross-site request forgery (CSRF) vulnerability in IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 through 9.0.0.4, 9.1.0 before 9.1.0.6.1, and 9.1.1 before 9.1.1.0.2 allows remote authenticated users to hijack the authentication of customer accounts.
Affected products
11cpe:2.3:a:ibm:leads:7.1.0:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:ibm:leads:7.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:leads:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:leads:7.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:leads:8.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:leads:8.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:leads:8.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:leads:8.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:leads:9.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:leads:9.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:leads:9.1.1:*:*:*:*:*:*:*
- (no CPE)range: 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 through 9.0.0.4, 9.1.0 before 9.1.0.6.1, 9.1.1 before 9.1.1.0.2
Patches
Vulnerability mechanics
References
1- www-01.ibm.com/support/docview.wssnvdPatchVendor Advisory
News mentions
0No linked articles in our index yet.