IBM Business Process Manager 7.5/8.0/8.5 Web UI cross site scripting

entryeditHistoryDiffjsonxmlCTI

A vulnerability was found in IBM Business Process Manager 7.5/8.0/8.5 (Business Process Management Software) and classified as problematic. Affected by this issue is an unknown code block of the component Web UI. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1082014501/14/2021VulD...person_nameIBMsecurityfocus.com01/14/2021accepted70
1082014401/14/2021VulD...cvss2_nvd_basescore3.5nist.gov01/14/2021accepted90
1082014301/14/2021VulD...xforce130409cve.mitre.org01/14/2021accepted70
714180911/20/2019VulD...securityfocus_classInput Validation Errorsecurityfocus.com11/20/2019accepted100
714180811/20/2019VulD...securityfocus_date1506038400 (09/22/2017)securityfocus.com11/20/2019accepted100
714180011/20/2019VulD...confirm_urlhttp://www.ibm.com/support/docview.wss?uid=swg22007351ibm.com11/20/2019accepted100
714176111/20/2019VulD...discoverydate150603840011/20/2019accepted100
714182209/27/2017VulD...cvss3_nvd_basescore5.4nist.gov09/27/2017accepted90
714182109/27/2017VulD...0day_days409/27/2017accepted90
714182009/27/2017VulD...cvss3_vuldb_rcX09/27/2017accepted90
714181909/27/2017VulD...cvss3_vuldb_rlX09/27/2017accepted90
714181809/27/2017VulD...cvss3_vuldb_eX09/27/2017accepted90
714181709/27/2017VulD...cvss2_vuldb_rcND09/27/2017accepted90
714181609/27/2017VulD...cvss2_vuldb_rlND09/27/2017accepted90
714181509/27/2017VulD...cvss2_vuldb_eND09/27/2017accepted90
714181409/27/2017VulD...locationWebsite09/27/2017accepted90
714181309/27/2017VulD...seealso10716909/27/2017accepted100
714181209/27/2017VulD...qualys_titleIBM Business Process Manager Cross-Site Scripting multiple vulnerabilities (swg22007351 and swg22007354)qualys.com09/27/2017accepted100
714181109/27/2017VulD...qualys_id370609qualys.com09/27/2017accepted100
714181009/27/2017VulD...securityfocus_titleIBM Business Process Manager CVE-2017-1530 HTML Injection Vulnerabilitysecurityfocus.com09/27/2017accepted100

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!