Lucene search

K
IbmBusiness Process Manager

11 matches found

CVE
CVE
added 2013/07/06 1:57 p.m.45 views

CVE-2013-0581

Multiple cross-site scripting (XSS) vulnerabilities in IBM Business Process Manager (BPM) 7.5.1.x, 8.0.0.x, and 8.0.1 before FP1 allow remote authenticated users to inject arbitrary web script or HTML via vectors involving (1) ProcessPortal/jsp/socialPortal/dashboard.jsp, (2) teamworks/executeServi...

3.5CVSS5.2AI score0.00188EPSS
CVE
CVE
added 2015/03/24 12:59 a.m.45 views

CVE-2015-0103

Multiple cross-site scripting (XSS) vulnerabilities in the Process Portal in IBM Business Process Manager (BPM) 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 through 8.5.5.0 allow remote authenticated users to inject arbitrary web script or HTML via unspecified data fields.

3.5CVSS5.3AI score0.00176EPSS
CVE
CVE
added 2015/10/03 10:59 p.m.42 views

CVE-2015-4955

Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 8.0.x through 8.0.1.3, 8.5.0 through 8.5.0.1, 8.5.5 through 8.5.5.0, and 8.5.6 before 8.5.6.0 CF1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5CVSS6.8AI score0.00231EPSS
CVE
CVE
added 2014/12/19 2:59 a.m.41 views

CVE-2014-6173

Cross-site scripting (XSS) vulnerability in the Process Inspector in IBM Business Process Manager (BPM) 8.0.x through 8.0.1.3 and 8.5.x through 8.5.5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5CVSS5.2AI score0.00227EPSS
CVE
CVE
added 2015/01/21 3:17 p.m.39 views

CVE-2014-8913

Cross-site scripting (XSS) vulnerability in the Process Portal in IBM Business Process Manager 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-8914.

3.5CVSS5.2AI score0.00304EPSS
CVE
CVE
added 2015/05/30 7:59 p.m.38 views

CVE-2015-0193

Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, and 8.5.x through 8.5.5.0 and WebSphere Lombardi Edition (WLE) 7.2.x through 7.2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted UR...

3.5CVSS6.8AI score0.00201EPSS
CVE
CVE
added 2014/09/04 10:55 a.m.37 views

CVE-2014-3075

Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 8.5.5 and WebSphere Lombardi Edition 7.2.0.x allows remote authenticated users to inject arbitrary web script or HTML via an uploaded file.

3.5CVSS5.3AI score0.00188EPSS
CVE
CVE
added 2015/01/21 3:17 p.m.37 views

CVE-2014-8914

Cross-site scripting (XSS) vulnerability in the Process Portal in IBM Business Process Manager 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-8913.

3.5CVSS5.2AI score0.00304EPSS
CVE
CVE
added 2015/05/25 2:59 p.m.37 views

CVE-2015-0156

Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, and 8.5.x through 8.5.6.0 and WebSphere Lombardi Edition (WLE) 7.2.x through 7.2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted UR...

3.5CVSS5.2AI score0.00227EPSS
CVE
CVE
added 2015/08/01 1:59 a.m.36 views

CVE-2015-1904

IBM Business Process Manager (BPM) 8.0.x through 8.0.1.3, 8.5.0 through 8.5.0.1, 8.5.5 through 8.5.5.0, and 8.5.6 through 8.5.6.0, when external Enterprise Content Management (ECM) integration is enabled with a certain technical system account configuration, allows remote authenticated users to byp...

3.5CVSS8.7AI score0.00086EPSS
CVE
CVE
added 2015/07/21 7:59 p.m.35 views

CVE-2015-1906

Cross-site scripting (XSS) vulnerability in the REST API in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0 through 8.5.0.1, 8.5.5 through 8.5.5.0, and 8.5.6 through 8.5.6.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted...

3.5CVSS5.2AI score0.00227EPSS