Security Bulletin: Cross-Site Scripting vulnerability in IBM Business Automation Workflow (CVE-2018-1848)

Summary A Cross-Site Scripting vulnerability has been found in Performance Admin Console of IBM Business Automation Workflow. Vulnerability Details CVEID:CVE-2018-1848 DESCRIPTION: IBM Business Automation Workflow is vulnerable to cross-site scripting. This vulnerability allows users to embed...

CVE-2018-1848

IBM Business Automation Workflow 18.0.0.0 and 18.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-For...

CVE-2018-1848

CVE-2018-1848 is a cross-site scripting (XSS) flaw in IBM Business Automation Workflow, affecting version 18.0.0.0 through 18.0.0.1. The vulnerability allows embedding arbitrary JavaScript in the Web UI, potentially leading to credentials disclosure within a trusted session. IBM’s bulletin (and r...