CVE-2015-1906 Information

Feb 14, 2021 cve

Description

Cross-site scripting (XSS) vulnerability in the REST API in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2 8.0.x through 8.0.1.3 8.5.0 through 8.5.0.1 8.5.5 through 8.5.5.0 and 8.5.6 through 8.5.6.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

Reference

http://www.securitytracker.com/id/1033002 http://www-01.ibm.com/support/docview.wss?uid=swg1JR52772 http://www-01.ibm.com/support/docview.wss?uid=swg21700717

Share on: