IBM Business Process Manager 7.5/8.0/8.5 Web UI cross site scripting

entryeditHistoryDiffjsonxmlCTI

A vulnerability was found in IBM Business Process Manager 7.5/8.0/8.5 (Business Process Management Software). It has been classified as problematic. This affects some unknown processing of the component Web UI. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1082014801/14/2021VulD...person_nameIBMsecurityfocus.com01/14/2021accepted70
1082014701/14/2021VulD...cvss2_nvd_basescore3.5nist.gov01/14/2021accepted90
1082014601/14/2021VulD...xforce130410cve.mitre.org01/14/2021accepted70
714187611/20/2019VulD...securityfocus_classInput Validation Errorsecurityfocus.com11/20/2019accepted100
714187511/20/2019VulD...securityfocus_date1506038400 (09/22/2017)securityfocus.com11/20/2019accepted100
714186711/20/2019VulD...confirm_urlhttp://www.ibm.com/support/docview.wss?uid=swg22007354ibm.com11/20/2019accepted100
714182811/20/2019VulD...discoverydate150603840011/20/2019accepted100
714188909/27/2017VulD...cvss3_nvd_basescore5.4nist.gov09/27/2017accepted90
714188809/27/2017VulD...0day_days409/27/2017accepted90
714188709/27/2017VulD...cvss3_vuldb_rcX09/27/2017accepted90
714188609/27/2017VulD...cvss3_vuldb_rlX09/27/2017accepted90
714188509/27/2017VulD...cvss3_vuldb_eX09/27/2017accepted90
714188409/27/2017VulD...cvss2_vuldb_rcND09/27/2017accepted90
714188309/27/2017VulD...cvss2_vuldb_rlND09/27/2017accepted90
714188209/27/2017VulD...cvss2_vuldb_eND09/27/2017accepted90
714188109/27/2017VulD...locationWebsite09/27/2017accepted90
714188009/27/2017VulD...seealso10716809/27/2017accepted100
714187909/27/2017VulD...qualys_titleIBM Business Process Manager Cross-Site Scripting multiple vulnerabilities (swg22007351 and swg22007354)qualys.com09/27/2017accepted100
714187809/27/2017VulD...qualys_id370609qualys.com09/27/2017accepted100
714187709/27/2017VulD...securityfocus_titleIBM Business Process Manager CVE-2017-1531 HTML Injection Vulnerabilitysecurityfocus.com09/27/2017accepted100

Want to stay up to date on a daily basis?

Enable the mail alert feature now!