IBM Security Bulletin:  Cross-site Request Forgery (CSRF) security vulnerability in IBM WebSphere Commerce (CVE-2015-5007)

IBM WebSphere Commerce is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request. An attacker...

from IBM Product Security Incident Response Team http://ift.tt/1ZSsDND