Business Process Manager@8.5.7.0 Security Vulnerabilities and Issues — Business Process Manager@8.5.7.0 CVE List

Lucene search

IbmBusiness Process Manager8.5.7.0

3 matches found

CVE•added 2016/10/14 2:59 a.m.•41 views

CVE-2016-3056

Cross-site scripting (XSS) vulnerability in Business Space in IBM Business Process Manager 7.5 through 7.5.1.2, 8.0 through 8.0.1.3, and 8.5 before 8.5.7.0 CF2016.09 allows remote authenticated users to inject arbitrary web script or HTML via crafted content.

5.4CVSS5.2AI score0.00241EPSS

CVE•added 2016/06/30 1:59 a.m.•39 views

CVE-2016-0349

IBM Business Process Manager 8.5.6 through 8.5.6.2 and 8.5.7 before 8.5.7.CF201606 allows remote authenticated users to bypass intended access restrictions and update process-instance variables via a REST API call.

6.5CVSS6AI score0.00096EPSS

CVE•added 2016/10/05 10:59 a.m.•34 views

CVE-2016-5901

Cross-site scripting (XSS) vulnerability in a test page in IBM Business Process Manager Advanced 8.5.6.0 through 8.5.7.0 before cumulative fix 2016.09 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

5.4CVSS5AI score0.0017EPSS