2 matches found
Security Bulletin: Cross-site scripting vulnerability in IBM Business Process Manager (CVE-2017-1767)
Summary Cross-site scripting vulnerability in an instance user interface affects IBM Business Process Manager. Vulnerability Details CVEID: CVE-2017-1767 DESCRIPTION: IBM Business Process Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript...
CVE-2017-1767
CVE-2017-1767 affects IBM Business Process Manager (BPM) and BPM components. The IBM bulletin documents a cross-site scripting (XSS) vulnerability in the BPM Web UI that can allow an attacker to embed arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. Af...