Lucene search
China National Vulnerability DatabaseCNVD-2022-14710HistoryJan 05, 2022 - 12:00 a.m.
IBM Business Automation Workflow Cross-Site Scripting Vulnerability (CNVD-2022-14710)
2022-01-0500:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
0.001 Low
EPSS
Percentile
19.8%
IBM Business Automation Workflow is a set of workflow automation solutions from IBM in the United States. The product is mainly used for workflow management, compliance management, and has features such as workflow visibility and scalability. A cross-site scripting vulnerability exists in IBM Business Automation Workflow. The vulnerability stems from the fact that IBM Business Automation Workflow is vulnerable to cross-site scripting attacks. An attacker could exploit the vulnerability to steal credentials in a trusted session.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm cloud_pak_for_automation | eq | 21.0.2 | |
| ibm workflow_process_service | eq | 21.0.2 |
Related
cvelist
cvelist
CVE-2021-38966
2021-12-20 00:00:00
prion
prion
Cross site scripting
2021-12-21 19:15:00
nvd
nvd
CVE-2021-38966
2021-12-21 19:15:07
cve
cve
CVE-2021-38966
2021-12-21 19:15:07
ibm
ibm
Security Bulletin: Cross-Site Scripting vulnerability affect IBM Cloud Pak for Automation Workflow Process Service (CVE-2021-38893 CVE-2021-38966)
2022-03-10 22:22:11