Cross-site scripting (XSS) vulnerability in the document-list control implementation in IBM Business Process Manager (BPM) 8.0 up to and including 8.0.1.3, 8.5.0 up to and including 8.5.0.2, and 8.5.5 and 8.5.6 up to and including 8.5.6.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm business process manager 8.5.6.0 |
||
ibm business process manager 8.5.5.0 |
||
ibm business process manager 8.0.1.1 |
||
ibm business process manager 8.5.0.1 |
||
ibm business process manager 8.5.0.2 |
||
ibm business process manager 8.5.0.0 |
||
ibm business process manager 8.5.6.2 |
||
ibm business process manager 8.0.1.3 |
||
ibm business process manager 8.0.1.2 |
||
ibm business process manager 8.0.1.0 |
||
ibm business process manager 8.0.0.0 |