IBM Case Manager 5.2 and 5.3 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188907.
CPE | Name | Operator | Version |
---|---|---|---|
business_automation_workflow | ge | 18.0.0.0 | |
business_automation_workflow | le | 20.0.0.2 | |
case_manager | ge | 5.2.0 | |
case_manager | le | 5.3.3 |