IBM WebSphere Application Server is affected by a cross-site request forgery, caused by improper validation of user-supplied input to the Administrative Console. By persuading an authenticated, privileged user to visit a malicious URL during a limited timing window, a remote attacker could send a specially-crafted request to execute malicious and unauthorized actions. CWE: CWE-352: Cross-Site Request Forgery (CSRF)