CVE-2014-6173 Information

Description

Cross-site scripting (XSS) vulnerability in the Process Inspector in IBM Business Process Manager (BPM) 8.0.x through 8.0.1.3 and 8.5.x through 8.5.5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg1JR50241 http://www-01.ibm.com/support/docview.wss?uid=swg21690553 https://exchange.xforce.ibmcloud.com/vulnerabilities/98418