Ibm Business Automation Workflow
42 CVEs affecting Ibm Business Automation Workflow. Latest disclosed: 2025-03-03. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-4424 | High | 7.1 | 2019-08-20 | IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, and 19.0.0.2 is vulnerable to an XML External Entity Injection (XXE) attack when proce… |
CVE-2021-29834 | Medium | 6.4 | 2021-09-29 | IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3,20.0.0.1, 20.0.0.2, and 21.0.2 and IBM Business Process Manager 8.5… |
CVE-2021-29775 | Medium | 6.4 | 2021-06-28 | IBM Business Automation Workflow 19.0.03 and 20.0 and IBM Cloud Pak for Automation 20.0.3-IF002 and 21.0.1 are vulnerable to cross-site scripting. This vulnera… |
CVE-2020-4698 | Medium | 6.4 | 2020-09-08 | IBM Business Process Manager 8.5, 8.6 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to stored cross-site scripting. This vulnerabili… |
CVE-2019-4669 | Medium | 6.3 | 2020-02-27 | IBM Business Process Manager 8.5.7.0 through 8.5.7.0 2017.06, 8.6.0.0 through 8.6.0.0 CF2018.03, and IBM Business Automation Workflow 18.0.0.1 through 19.0.0.3… |
CVE-2023-32339 | Medium | 6.1 | 2023-06-27 | IBM Business Automation Workflow is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus a… |
CVE-2018-1848 | Medium | 6.1 | 2018-12-14 | IBM Business Automation Workflow 18.0.0.0 and 18.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript cod… |
CVE-2021-29753 | Medium | 5.9 | 2021-11-05 | IBM Business Automation Workflow 18. 19, 20, 21, and IBM Business Process Manager 8.5 and d8.6 transmits or stores authentication credentials, but it uses an i… |
CVE-2019-4425 | Medium | 5.7 | 2019-08-20 | IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, and 18.0.0.2 could allow a user to obtain highly sensitive information from another user by inserting link… |
CVE-2024-54179 | Medium | 5.4 | 2025-03-03 | IBM Business Automation Workflow and IBM Business Automation Workflow Enterprise Service Bus 24.0.0, 24.0.1 and earlier unsupported versions are vulnerable to… |
CVE-2023-50947 | Medium | 5.4 | 2024-02-04 | IBM Business Automation Workflow 22.0.2, 23.0.1, and 23.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScrip… |
CVE-2023-24957 | Medium | 5.4 | 2023-05-06 | IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3, 20.0.0.1, 20.0.0.2, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerab… |
CVE-2022-38390 | Medium | 5.4 | 2022-11-17 | Multiple IBM Business Automation Workflow versions are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code i… |
CVE-2021-38883 | Medium | 5.4 | 2021-12-17 | IBM Business Automation Workflow 18.0, 19.0, 20,0 and 21.0 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to cross-site scripting. This vulnerabil… |
CVE-2021-29835 | Medium | 5.4 | 2021-10-22 | IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScrip… |
CVE-2021-29878 | Medium | 5.4 | 2021-10-18 | IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScrip… |
CVE-2020-4794 | Medium | 5.4 | 2020-12-21 | IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.6 could all… |
CVE-2020-4672 | Medium | 5.4 | 2020-11-16 | IBM Business Automation Workflow 20.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web… |
CVE-2020-4530 | Medium | 5.4 | 2020-09-15 | IBM Business Automation Workflow C.D.0 and IBM Business Process Manager 8.0, 8.5, and 8.6 are vulnerable to cross-site scripting. This vulnerability allows use… |
CVE-2020-4516 | Medium | 5.4 | 2020-09-08 | IBM Business Process Manager 8.5, 8.6 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to cross-site scripting. This vulnerability allo… |