2 matches found
Security Bulletin: A cross site scripting security vulnerability has been identified with Case Builder component shipped with IBM Business Automation Workflow (CVE-2019-4426)
Summary Case Builder component shipped with IBM Business Automation Workflow is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...
CVE-2019-4426
CVE-2019-4426 is a cross-site scripting vulnerability in the Case Builder component of IBM Case Manager (versions 5.1.1–5.3) and IBM Business Automation Workflow (18.0.0.0–19.0.0.2). The root cause is inadequate sanitization of user input in the Web UI, allowing arbitrary JavaScript execution and...