CVE-2025-36054 Cross-site scripting vulnerability affect IBM Business Automation Workflow Process Federation Server -

IBM Business Automation Workflow containers 24.0.0 through 24.0.0-IF006, 24.0.1 through 24.0.1-IF004, 25.0.0 through 25.0.0-IF001 and IBM Business Automation Workflow traditional with Process Federation Server 24.0.0 through 24.0.1 and 25.0.0 are vulnerable to cross-site scripting. This...

CVE-2025-62239

Cross-site scripting XSS vulnerability in workflow process builder in Liferay Portal 7.4.3.21 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 update 21 through update 92 allows remote authenticated attackers to inject arbitrary web script or HT...

Liferay Portal is vulnerable to XSS through its workflow process builder

Cross-site scripting XSS vulnerability in workflow process builder in Liferay Portal 7.4.3.21 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 update 21 through update 92 allows remote authenticated attackers to inject arbitrary web script or HT...

CVE-2025-62239

Cross-site scripting XSS vulnerability in workflow process builder in Liferay Portal 7.4.3.21 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 update 21 through update 92 allows remote authenticated attackers to inject arbitrary web script or HT...

CVE-2025-62239

CVE-2025-62239 is an XSS vulnerability in Liferay’s workflow designer component (com.liferay.portal.workflow.kaleo.designer.web) confirmed by Veracode and Snyk. Affected: Liferay Portal 7.4.3.21–7.4.3.111 and Liferay DXP 2023.Q4.0–2023.Q4.5, 2023.Q3.1–2023.Q3.8, and 7.4 update 21–92. Description:...

CVE-2025-62239

Cross-site scripting XSS vulnerability in workflow process builder in Liferay Portal 7.4.3.21 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 update 21 through update 92 allows remote authenticated attackers to inject arbitrary web script or HT...

EUVD-2008-4561

Malware in sbrugna...

EUVD-2016-7507

Malware in sbrugna...

Security Bulletin: Cross-Site Scripting vulnerability affect IBM Cloud Pak for Automation Workflow Process Service (CVE-2021-38893 CVE-2021-38966)

Summary Process Admin Console in IBM Cloud Pak for Automation Workflow is vulnerable to a Cross-Site Scripting attack. Vulnerability Details CVEID: CVE-2021-38966 DESCRIPTION: IBM Cloud Pak for Automation 21.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed...

Security Bulletin: Log4j - CVE-2021-44228 vulnerability affects IBM Cloud Pak for Business Automation(CP4BA) Workflow Process Service

Summary Log4j CVE-2021-44228 also called Log4Shell or LogJam affected the CP4BA Workflow Process Service. Customers are encouraged to take action and apply the fix below. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code ...

Security Bulletin: vulnerability affect IBM Cloud Pak for Business Automation Workflow Process Service (CVE-2021-38900)

Summary IBM Cloud Pak for Business Automaion Workflow Process Service could allow a privileged user to obtain highly sensitive information due to improper access controls. Vulnerability Details CVEID: CVE-2021-38900 DESCRIPTION: IBM Business Automation Workflow could allow a privileged user to...

CVE-2016-6588

A Cross-Site Scripting XSS vulnerability exists in the ITMS workflow process manager console in Symantec IT Management Suite 8.0...

CVE-2016-6588

A Cross-Site Scripting XSS vulnerability exists in the ITMS workflow process manager console in Symantec IT Management Suite 8.0...

CVE-2016-6589

A Denial of Service vulnerability exists in the ITMS workflow process manager login window in Symantec IT Management Suite 8.0...

Symantec IT Management Suite Multiple Issues

SUMMARY Symantec has released updates to address two security issues: a cross-site scripting XSS issue and a denial of service DoS issue reported in the Symantec IT Management Suite ITMS workflow process manager console. AFFECTED PRODUCTS Symantec IT Manage Suite Workflow Process Manager Console...

CVE-2008-4581

The Editor in IBM ENOVIA SmarTeam 5 before release 18 SP5, and release 19 before SP01, allows remote authenticated users to bypass intended access restrictions and read Document objects via the Workflow Process aka Flow Process view...

Design/Logic Flaw

The Editor in IBM ENOVIA SmarTeam 5 before release 18 SP5, and release 19 before SP01, allows remote authenticated users to bypass intended access restrictions and read Document objects via the Workflow Process aka Flow Process view...

CVE-2008-4581

The Editor in IBM ENOVIA SmarTeam 5 before release 18 SP5, and release 19 before SP01, allows remote authenticated users to bypass intended access restrictions and read Document objects via the Workflow Process aka Flow Process view...