Vulnonym.com

CVE-2012-0730 - Helvetic Compensation

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 allow remote attackers to hijack the authentication of administrators for requests that create administrative accounts.

Reference

http://www.ibm.com/support/docview.wss?uid=swg21592188
http://secunia.com/advisories/48967
http://secunia.com/advisories/48968
http://www.securityfocus.com/bid/53247
https://exchange.xforce.ibmcloud.com/vulnerabilities/74370