3 matches found
Security Bulletin: Cross-site scripting vulnerabilities in IBM Business Process Manager (BPM) Process Portal (CVE-2015-0105)
Summary IBM Business Process Manager is vulnerable to cross-site scripting, which is caused by the improper validation of user-supplied input. A remote attacker might exploit this vulnerability using a specially crafted URL to execute a script in a user's web browser within the security context o...
CVE-2015-0105
Cross-site scripting XSS vulnerability in the Process Portal in IBM Business Process Manager BPM 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 through 8.5.5.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...
CVE-2015-0105
CVE-2015-0105 is an XSS vulnerability in IBM BPM’s Process Portal affecting BPM Standard/Express/Advanced 8.0.x before 8.0.1.3, 8.5.0 before 8.5.0.1, and 8.5.5 before 8.5.5.0. Root cause: improper validation/filtering of user-supplied input, allowing a crafted URL to execute script in a user’s br...