CVE-2015-0193 Information

Description

Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2 8.0.x through 8.0.1.3 and 8.5.x through 8.5.5.0 and WebSphere Lombardi Edition (WLE) 7.2.x through 7.2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL that triggers an error condition.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg1JR52626 http://www-01.ibm.com/support/docview.wss?uid=swg21697944