cbcvebase.
CVE-2015-0106
published 2015-03-24

CVE-2015-0106: Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5…

medium4.3CVSS 3.1
AVNACMAuNCNIPAN
Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 through 8.5.5.0 and WebSphere Lombardi Edition (WLE) 7.2.x through 7.2.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

Affected

20 ranges
VendorProductVersion rangeFixed in
ibmbusiness_process_manager
ibmbusiness_process_manager
ibmbusiness_process_manager
ibmbusiness_process_manager
ibmbusiness_process_manager
ibmbusiness_process_manager
ibmbusiness_process_manager
ibmbusiness_process_manager
ibmbusiness_process_manager
ibmbusiness_process_manager
ibmbusiness_process_manager
ibmbusiness_process_manager
ibmbusiness_process_manager
ibmwebsphere_application_server
ibmwebsphere_application_server
ibmwebsphere_application_server
ibmwebsphere_application_server
ibmwebsphere_application_server
ibmwebsphere_application_server
ibmwebsphere_application_server