XSS in Ibm Business_process_manager
CVE-2015-0193
Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, and 8.5.x through 8.5.5.0 and WebSphere Lombardi Edition (WLE) 7.2.x through 7.2.0.5 allows remote authenticated u…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.002 (42.2th percentile) — read the EPSS interpretation.
Affected products
- Ibm Business_process_manager — versions 7.5.0.0, 7.5.0.1, 7.5.1.0
- Ibm Websphere — versions 7.2, 7.2.0.1, 7.2.0.2
- N/a — versions n/a
Weakness classification (CWE)
References
- psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
- JR52626 (vendor-advisory, x_refsource_AIXAPAR)