Lucene search
RedhatJboss Business Rules Management System
3 matches found
CVE-2011-2487
The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack.
5.9CVSS5.7AI score0.0014EPSS
CVE-2010-3857
JBoss BRMS before 5.1.0 has a XSS vulnerability via asset=UUID parameter.
6.1CVSS6AI score0.00491EPSS
CVE-2016-8608
JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via business process editor. The flaw is due to an incomplete fix for CVE-2016-5398. Remote, authenticated attackers that have privileges to create business processes can store scripts in them, which are not properly sanitized before showi...
5.4CVSS5.4AI score0.00191EPSS