Thursday, December 12, 2019

Security Bulletin: A cross site scripting security vulnerability has been identified with Case Builder component shipped with IBM Business Automation Workflow (CVE-2019-4426)

Case Builder component shipped with IBM Business Automation Workflow is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Business Automation Workflow C.D.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/1135552

The post Security Bulletin: A cross site scripting security vulnerability has been identified with Case Builder component shipped with IBM Business Automation Workflow (CVE-2019-4426) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/2RSWR7A

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.