Cross-site request forgery (CSRF) vulnerability in the XML Pack in IBM InfoSphere Information Server 8.5.x through 8.5 FP3, 8.7.x through 8.7 FP2, and 9.1.x through 9.1.2.0 allows remote attackers to hijack the authentication of arbitrary users.
https://exchange.xforce.ibmcloud.com/vulnerabilities/86546
http://www.securityfocus.com/bid/66154
http://www-01.ibm.com/support/docview.wss?uid=swg21666684
http://www-01.ibm.com/support/docview.wss?uid=swg1JR49206