CVE-2015-0103 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in the Process Portal in IBM Business Process Manager (BPM) 8.0 through 8.0.1.3 8.5.0 through 8.5.0.1 and 8.5.5 through 8.5.5.0 allow remote authenticated users to inject arbitrary web script or HTML via unspecified data fields.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg1JR50457 http://www-01.ibm.com/support/docview.wss?uid=swg21693270