The vulnerability of the Business Process Manager system allows a perpetrator to circumvent existing access restrictions and execute arbitrary Java scripts.

The vulnerability of the REST API interface of the Business Process Manager system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass existing access restrictions and execute arbitrary Java scripts using a specially crafted API request...