Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jboss bpm suite vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-7463
JBoss BRMS 6 and BPM Suite 6 prior to 6.4.3 are vulnerable to a reflected XSS via artifact upload. A malformed XML file, if uploaded, causes an error message to appear that includes part of the bad XML code verbatim without filtering out scripts. Successful exploitation would all...
Redhat Jboss Bpm Suite
4.3
CVSSv2
CVE-2017-2658
It exists that the Dashbuilder login page as used in Red Hat JBoss BPM Suite prior to 6.4.2 and Red Hat JBoss Data Virtualization & Services prior to 6.4.3 could be opened in an IFRAME, which made it possible to intercept and manipulate requests. An attacker could use this fl...
Redhat Jboss Data Virtualization \\& Services
Redhat Jboss Bpm Suite
3.5
CVSSv2
CVE-2016-6343
JBoss BPM Suite 6 is vulnerable to a reflected XSS via dashbuilder. Remote attackers can entice authenticated users that have privileges to access dashbuilder (usually admins) to click on links to /dashbuilder/Controller containing malicious scripts. Successful exploitation would...
Redhat Jboss Bpm Suite
3.5
CVSSv2
CVE-2017-2674
JBoss BRMS 6 and BPM Suite 6 prior to 6.4.3 are vulnerable to a stored XSS via several lists in Business Central. The flaw is due to lack of sanitation of user input when creating new lists. Remote, authenticated attackers that have privileges to create lists can store scripts in...
Redhat Jboss Bpm Suite
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2