CVE-2015-0101Cross-site Scripting in IBM Business Process Manager

CWE-79Cross-site Scripting3 documents3 sources
Severity
6.1MEDIUMNVD
EPSS
0.2%
top 54.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Business Process Manager
Timeline
PublishedAug 28
Latest updateMay 17

Description

Cross-site scripting (XSS) vulnerability in IBM Business Process Manager Standard 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5; IBM Business Process Manager Express 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5; and IBM Business Process Manager Advanced 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages1 packages

NVDibm/business_process_manager13 versions+12

🔴Vulnerability Details

2
GHSA
GHSA-rg6q-43cp-459r: Cross-site scripting (XSS) vulnerability in IBM Business Process Manager Standard 72022-05-17
CVEList
CVE-2015-0101: Cross-site scripting (XSS) vulnerability in IBM Business Process Manager Standard 72017-08-28
CVE-2015-0101 — Cross-site Scripting in IBM | cvebase