CVE-2014-8913
CVE-2014-8913/8914 affect IBM Business Process Manager Process Portal across Standard/Express/Advanced 8.0.x–8.5.x. Root cause: insufficient input validation allowing XSS via crafted URLs. Impact: remote authenticated users can inject scripts (possible cookie theft) in the web UI. Remediation: ap...