Business Process Manager Security Vulnerabilities and Issues — Business Process Manager CVE List

Lucene search

IbmBusiness Process Manager

3 matches found

CVE•added 2015/07/21 7:59 p.m.•39 views

CVE-2015-1905

The REST API in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0 through 8.5.0.1, 8.5.5 through 8.5.5.0, and 8.5.6 through 8.5.6.0 allows remote authenticated users to bypass intended access restrictions on task-variable value changes via unspecified vectors.

4CVSS6.1AI score0.00154EPSS

CVE•added 2015/07/21 7:59 p.m.•35 views

CVE-2015-1906

Cross-site scripting (XSS) vulnerability in the REST API in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0 through 8.5.0.1, 8.5.5 through 8.5.5.0, and 8.5.6 through 8.5.6.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted...

3.5CVSS5.2AI score0.00227EPSS

CVE•added 2015/07/13 4:59 p.m.•34 views

CVE-2015-1961

The REST API in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0 through 8.5.0.1, 8.5.5 through 8.5.5.0, and 8.5.6 through 8.5.6.0 allows remote authenticated users to bypass intended access restrictions and execute arbitrary JavaScript code on the server via a...

9CVSS7AI score0.00216EPSS