IBM Security Bulletin: Information disclosure vulnerability reported in IBM Emptoris Sourcing (CVE-2015-5024)

IBM Emptoris Sourcing could allow an authenticated user to view other users bids which could contain sensitive information that they should not have access to. This vulnerability is limited to the supplier bid report. CVE(s):  ...

from IBM Product Security Incident Response Team http://ift.tt/1VuVxiE