13 matches found
EUVD-2014-7960
Malware in sbrugna...
EUVD-2013-6269
Malware in sbrugna...
JBPM KIE Workbench Cross-Site Scripting Vulnerability
JBPM KIE Workbench is a scalable open source executable process language framework licensed under the Apache License Version 2.0 (ASL) and the JBoss End User License Agreement (EULA). A cross-site scripting vulnerability exists in version 6.0.x of JBPM KIE Workbench. A remote attacker can exploit this...
CVE-2013-6465
Multiple cross-site scripting (XSS) vulnerabilities in JBPM KIE Workbench 6.0.x allow remote authenticated users to inject arbitrary web script or HTML via vectors related to task name HTML inputs...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in JBPM KIE Workbench 6.0.x allow remote authenticated users to inject arbitrary web script or HTML via vectors related to task name HTML inputs...
CVE-2013-6465
Multiple cross-site scripting (XSS) vulnerabilities in JBPM KIE Workbench 6.0.x allow remote authenticated users to inject arbitrary web script or HTML via vectors related to task name HTML inputs...
CVE-2013-6465
CVE-2013-6465 : Multiple cross-site scripting (XSS) vulnerabilities exist in JBPM KIE Workbench 6.0.x. The issues allow remote authenticated users to inject arbitrary web script or HTML via vectors related to task name inputs. Sources in connected documents (NVD/CNVD/PRION/CVE entries) consistent...
KIE Workbench Arbitrary File Execution Vulnerability
KIE Workbench is a complete Java-based open source BPM (business process management) distribution that includes all the BPM and rules modules. An arbitrary file execution vulnerability exists in KIE Workbench 6.0.x that could allow an authenticated remote user to read or write...
Authorization
The default authorization constraints in KIE Workbench 6.0.x allow remote authenticated users to read or write to arbitrary files, bypass intended access restrictions, and possibly have other unspecified impact via unknown vectors...
CVE-2014-8115
CVE-2014-8115 affects KIE Workbench 6.0.x, where insufficient authorization constraints allow remote authenticated users to read or write arbitrary files via unknown vectors. The CVSS base score is 6.5 (Medium) with network attack vector and partial confidentiality/integrity/av...
CVE-2014-8115
The default authorization constraints in KIE Workbench 6.0.x allow remote authenticated users to read or write to arbitrary files, bypass intended access restrictions, and possibly have other unspecified impact via unknown vectors...
Workbench: Insufficient authorization constraints
It was discovered that the default authorization constraints applied on servlets deployed in the KIE Workbench application were insufficient. A remote, authenticated user without sufficient privileges could use this flaw to upload or download arbitrary files, perform privileged actions that...
Important: Red Hat Security Advisory: Red Hat JBoss BRMS 6.0.3 security update
Red Hat JBoss BRMS 6.0.3 roll up patch 2, which fixes multiple security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System...