CVE-2016-0227

2016-03-03T22:59:00
ID CVE-2016-0227
Type cve
Reporter cve@mitre.org
Modified 2016-12-03T03:16:00

Description

Cross-site scripting (XSS) vulnerability in the document-list control implementation in IBM Business Process Manager (BPM) 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.2, and 8.5.5 and 8.5.6 through 8.5.6.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.