3 matches found
Security Bulletin: Cross-site scripting vulnerability in IBM Business Process Manager (BPM) and WebSphere Lombardi Edition (WLE) Process Portal (CVE-2015-0106)
Summary IBM Business Process Manager and WebSphere Lombardi Edition are vulnerable to cross-site scripting, which is caused by the improper validation of user-supplied input. A remote attacker might exploit this vulnerability using a specially crafted URL to execute a script in a user's web brows...
CVE-2015-0106
Cross-site scripting XSS vulnerability in IBM Business Process Manager BPM 7.5.x through 7.5.1.2, 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 through 8.5.5.0 and WebSphere Lombardi Edition WLE 7.2.x through 7.2.0.5 allows remote attackers to inject arbitrary web script or HTML via a...
CVE-2015-0106
IBM BPM and WebSphere Lombardi Edition are affected by CVE-2015-0106: an XSS flaw from improper validation of user input that can be triggered by a crafted URL, allowing remote script execution in a user’s browser. Affected products/versions include IBM BPM Standard/Express/Advanced 7.5.x, 8.0.x,...