3 matches found
Security Bulletin: Cross-Site Scripting vulnerability affect IBM Cloud Pak for Automation Workflow Process Service (CVE-2021-38893 CVE-2021-38966)
Summary Process Admin Console in IBM Cloud Pak for Automation Workflow is vulnerable to a Cross-Site Scripting attack. Vulnerability Details CVEID: CVE-2021-38966 DESCRIPTION: IBM Cloud Pak for Automation 21.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed...
Security Bulletin: Cross-Site Scripting vulnerability affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) - CVE-2021-38893
Summary Process Admin Console in IBM Business Process Manager and IBM Business Automation Workflow is vulnerable to a Cross-Site Scripting attack. Vulnerability Details CVEID: CVE-2021-38893 DESCRIPTION: IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20....
CVE-2021-38893
CVE-2021-38893 affects IBM BPM 8.5/8.6 and IBM Business Automation Workflow 18.0–21.0, with a stored Cross‑Site Scripting (XSS) in the Web UI that could lead to credentials disclosure in a trusted session. Connected IBM advisories confirm affected products/versions and provide remediation guidanc...