2 matches found
Security Bulletin: File path traversal vulnerability in IBM Business Process Manager (BPM) and WebSphere Lombardi Edition (WLE) (CVE-2015-1884)
Summary IBM Business Proccess Manager and WebSphere Lombardi Edition are vulnerable to file path traversal. Due to insufficient input parameter validation files can be downloaded by authenticated attackers using specially crafted URLs. Vulnerability Details CVEID: CVE-2015-1884 DESCRIPTION: IBM...
CVE-2015-1884
IBM Business Process Manager (BPM) and WebSphere Lombardi Edition are affected by a directory traversal vulnerability (CVE-2015-1884) due to insufficient input validation in the internationalization-file URL. Vulnerable products/versions include BPM Standard/Express/Advanced 7.5.x–8.5.5.0 and WLE...