Security Bulletin: Cross-site scripting vulnerability affects IBM Business Automation Workflow and IBM Business Process Manager (BPM) - CVE-2020-4516

Summary IBM Business Process Manager and IBM Business Automation Workflow are vulnerable to a cross-site scripting attack. Vulnerability Details CVEID: CVE-2020-4516 DESCRIPTION: IBM Business Process Manager and IBM Business Automation Workflow is vulnerable to cross-site scripting. This...

CVE-2020-4516

IBM Business Process Manager 8.5, 8.6 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...

CVE-2020-4516

CVE-2020-4516 affects IBM BPM (8.5, 8.6) and IBM Business Automation Workflow (18.0, 19.0, 20.0). Root cause: cross-site scripting due to improper input neutralization in the Web UI, enabling attackers to inject arbitrary JavaScript and potentially disclose credentials within a trusted session. A...