3 matches found
CVE-2021-38966
CVE-2021-38966 affects IBM Cloud Pak for Business Automation / IBM Cloud Pak for Automation Web UI (21.0.2). The IBM Bulletins and the IBM X-Force entry indicate a cross-site scripting vulnerability in the Web UI that could allow an attacker to embed arbitrary JavaScript in the Web UI, potentiall...
CVE-2021-38893
CVE-2021-38893 affects IBM BPM 8.5/8.6 and IBM Business Automation Workflow 18.0–21.0, with a stored Cross‑Site Scripting (XSS) in the Web UI that could lead to credentials disclosure in a trusted session. Connected IBM advisories confirm affected products/versions and provide remediation guidanc...
CVE-2021-38900
CVE-2021-38900 affects IBM BPM 8.5/8.6 and IBM BAW 18.0–21.0, where improper access controls could allow a privileged user to obtain highly sensitive information. Public sources (IBM Security Bulletin, IBM support pages, and related advisories) detail affected product versions within IBM Cloud Pa...