2 matches found
Security Bulletin: Cross-site scripting vulnerabilities in IBM Business Process Manager (BPM) Coach NG framework (CVE-2015-0158)
Summary IBM Business Process Manager Coach NG framework is vulnerable to cross-site scripting, which is caused by the improper validation of user-supplied input. A remote attacker might exploit this vulnerability using a specially crafted URL to execute a script in a user's web browser within the...
CVE-2015-0158
CVE-2015-0158 corresponds to a cross-site scripting (XSS) vulnerability in the IBM BPM Coach NG framework. The root cause is improper validation of user-supplied input, allowing a remote attacker to trigger script execution in a user’s browser via a specially crafted URL. Affected products includ...