SymmetricalDataSecurity: IBM Security Bulletin: Cross-Site Scripting vulnerability in Business Space Help affects IBM Business Process Manager (BPM) and WebSphere Process Server (WPS)

Friday, September 22, 2017

IBM Security Bulletin: Cross-Site Scripting vulnerability in Business Space Help affects IBM Business Process Manager (BPM) and WebSphere Process Server (WPS) – CVE-2013-0464

IBM Eclipse Help System bundled with Business Space Help is vulnerable to Cross-Site Scripting.

CVE(s): CVE-2013-0464

Affected product(s) and affected version(s):

– WebSphere Process Server V7.0.0.0 – V7.0.0.5 (and likely earlier unsupported versions)
– IBM Business Process Manager Advanced V7.5.0.0 – V7.5.1.2
– IBM Business Process Manager all editions V8.0.0.0 – V8.0.1.3
– IBM Business Process Manager all editions V8.5.0.0 – V8.5.7.0 including cumulative fix 2017.06

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2yhQTjC
X-Force Database: http://ift.tt/2xo7lzJ

The post IBM Security Bulletin: Cross-Site Scripting vulnerability in Business Space Help affects IBM Business Process Manager (BPM) and WebSphere Process Server (WPS) – CVE-2013-0464 appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2yhRodL

SymmetricalDataSecurity

Friday, September 22, 2017

IBM Security Bulletin: Cross-Site Scripting vulnerability in Business Space Help affects IBM Business Process Manager (BPM) and WebSphere Process Server (WPS) – CVE-2013-0464

No comments:

Post a Comment

Blog Archive

Search This Blog

Total Pageviews