IBM Security Bulletin: Cross-Site Scripting vulnerability affects IBM Process Designer used in IBM Business Process Manager (CVE-2017-1494)

IBM Process Designer used in IBM Business Process Manager is vulnerable to Cross-Site Scripting.

CVE(s): CVE-2017-1494

Affected product(s) and affected version(s):

This vulnerability affects IBM Business Process Manager V8.0 through V8.6.0 2017.09.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22011849
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128692

The post IBM Security Bulletin: Cross-Site Scripting vulnerability affects IBM Process Designer used in IBM Business Process Manager (CVE-2017-1494) appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2DMWplL