Security Bulletin: IBM Data Studio Web Console is vulnerable to cross-site request forgery, caused by improper validation of browser request headers.
A service in the IBM Data Studio Web Console versions 3.1.0 and 3.1.1 is impacted by cross-site request forgery. By persuading an authenticated user to visit a malicious web site, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVE ID: CVE-2013-2980
AFFECTED PRODUCTS :
Refer to the following reference URLs for remediation and additional vulnerability details.
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21638733