Security Bulletin: CVE-2015-7450 affects the desktop IBM Process Designer used in IBM Business Automation Workflow and IBM Business Process Manager

Summary The following vulnerability in Apache commons that affects the desktop IBM Process Designer has been addressed. Vulnerability Details CVEID:CVE-2015-7450 DESCRIPTION: Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and...

CVE-2021-29834

The CVE-2021-29834 entry concerns a stored cross-site scripting (XSS) vulnerability in IBM Business Automation Workflow and IBM Business Process Manager (BPM). According to IBM’s Security Bulletin, the affected versions are IBM Business Automation Workflow: V18.0, 19.0, 20.0, 21.0.2 and V20.0.2 p...

Cross site scripting

IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, and 19.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trust...

PT-2019-17068 · Ibm · Ibm Business Automation Workflow

Name of the Vulnerable Software and Affected Versions: IBM Business Automation Workflow versions 18.0.0.0 through 18.0.0.2 IBM Business Automation Workflow version 19.0.0.1 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality an...

CVE-2019-4204

This CVE is an XSS vulnerability in IBM Business Automation Workflow and IBM BPM (CVE-2019-4204). Affected products/versions: IBM Business Automation Workflow 18.0.0.0–19.0.0.1; IBM BPM 8.5.7.0–8.6.0.0 CF2017.06 and 8.6.0.0 CF2018.03. The issue allows arbitrary JavaScript in the Web UI, potential...