16 matches found
CVE-2016-8608
JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via business process editor. The flaw is due to an incomplete fix for CVE-2016-5398. Remote, authenticated attackers that have privileges to create business processes can store scripts in them, which are not properly sanitized before...
Cross site scripting
JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via business process editor. The flaw is due to an incomplete fix for CVE-2016-5398. Remote, authenticated attackers that have privileges to create business processes can store scripts in them, which are not properly sanitized before...
CVE-2016-8608
CVE-2016-8608 applies to Red Hat JBoss BRMS 6 and BPM Suite 6. The flaw is a stored XSS in the business process editor caused by an incomplete fix for CVE-2016-5398. Remote, authenticated users with privileges to create business processes can store scripts that are not properly sanitized before d...
PT-2018-5029 · Red Hat · Jboss Brms 6 +1
Name of the Vulnerable Software and Affected Versions: JBoss BRMS 6 and BPM Suite 6 Description: The issue is related to a stored XSS flaw in the business process editor, caused by an incomplete fix. Remote, authenticated attackers with privileges to create business processes can store scripts th...
Stored XSS in business process editor
JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via business process editor. The flaw is due to an incomplete fix for CVE-2016-5398. Remote, authenticated attackers that have privileges to create business processes can store scripts in them, which are not properly sanitized before...
Stored XSS in business process editor
JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via business process editor. The flaw is due to an incomplete fix for CVE-2016-5398. Remote, authenticated attackers that have privileges to create business processes can store scripts in them, which are not properly sanitized before...
CVE-2016-8608
JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via business process editor. The flaw is due to an incomplete fix for CVE-2016-5398. Remote, authenticated attackers that have privileges to create business processes can store scripts in them, which are not properly sanitized before...
CVE-2016-5398
Cross-site scripting XSS vulnerability in Business Process Editor in Red Hat JBoss BPM Suite before 6.3.3 allows remote authenticated users to inject arbitrary web script or HTML by levering permission to create business processes...
CVE-2016-5398
Cross-site scripting XSS vulnerability in Business Process Editor in Red Hat JBoss BPM Suite before 6.3.3 allows remote authenticated users to inject arbitrary web script or HTML by levering permission to create business processes...
Cross site scripting
Cross-site scripting XSS vulnerability in Business Process Editor in Red Hat JBoss BPM Suite before 6.3.3 allows remote authenticated users to inject arbitrary web script or HTML by levering permission to create business processes...
CVE-2016-5398
Cross-site scripting XSS vulnerability in Business Process Editor in Red Hat JBoss BPM Suite before 6.3.3 allows remote authenticated users to inject arbitrary web script or HTML by levering permission to create business processes...
CVE-2016-5398
A security flaw was found in the way Business Process Editor displays the business process details to the user. A remote authenticated attacker with privilege to create business processes could use this flaw to conduct stored XSS attacks against other users...
Moderate: Red Hat Security Advisory: Red Hat JBoss BRMS security update
An update is now available for Red Hat JBoss BRMS. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
stored XSS in JBoss BPM suite business process editor
A security flaw was found in the way Business Process Editor displays the business process details to the user. A remote authenticated attacker with privilege to create business processes could use this flaw to conduct stored XSS attacks against other users...
Moderate: Red Hat Security Advisory: Red Hat JBoss BPM Suite security update
An update is now available for Red Hat JBoss BPM Suite. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...
stored XSS in JBoss BPM suite business process editor
A security flaw was found in the way Business Process Editor displays the business process details to the user. A remote authenticated attacker with privilege to create business processes could use this flaw to conduct stored XSS attacks against other users...