Lucene search

K
RedhatJboss Bpm Suite6.0.0

5 matches found

CVE
CVE
added 2017/11/09 5:29 p.m.235 views

CVE-2015-7501

Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Serve...

10CVSS9.7AI score0.74837EPSS
CVE
CVE
added 2016/08/05 3:59 p.m.54 views

CVE-2016-4999

SQL injection vulnerability in the getStringParameterSQL method in main/java/org/dashbuilder/dataprovider/sql/dialect/DefaultDialect.java in Dashbuilder before 0.6.0.Beta1 allows remote attackers to execute arbitrary SQL commands via a data set lookup filter in the (1) Data Set Authoring or (2) Dis...

9.8CVSS9.9AI score0.03513EPSS
CVE
CVE
added 2014/04/10 8:29 p.m.49 views

CVE-2013-6468

JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allows remote authenticated users to execute arbitrary Java code via a (1) MVFLEX Expression Language (MVEL) or (2) Drools expression.

6.5CVSS9.3AI score0.00473EPSS
CVE
CVE
added 2018/08/01 2:29 p.m.47 views

CVE-2016-8608

JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via business process editor. The flaw is due to an incomplete fix for CVE-2016-5398. Remote, authenticated attackers that have privileges to create business processes can store scripts in them, which are not properly sanitized before showi...

5.4CVSS5.4AI score0.00191EPSS
CVE
CVE
added 2017/04/20 9:59 p.m.39 views

CVE-2016-5401

Cross-site request forgery (CSRF) vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote attackers to hijack the authentication of users for requests that modify instances via a crafted web page.

8.8CVSS8.8AI score0.0013EPSS