Security Bulletin: Cross Site Scripting vulnerability in Google Web Toolkit may affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) - CVE-2012-5920

Summary IBM Business Process Manager and IBM Business Automation Workflow may be vulnerable to a cross site scripting attack. Vulnerability Details CVEID: CVE-2012-5920 DESCRIPTION: Google Web Toolkit is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A...

CVE-2012-5920

CVE-2012-5920 is an XSS vulnerability in Google Web Toolkit (GWT) 2.4–2.5 Final, used in JBoss Operations Network 3.1.1 and potentially other products. It stems from an incomplete fix for CVE-2012-4563 and allows remote attackers to inject arbitrary script/HTML via unspecified vectors. Red Hat/IB...