May 4, 2022
Categorized: Medium Severity
Share this post:
Cross Site Scripting vulnerabilities in jQuery might affect Process Portal in IBM Business Automation Workflow and IBM Business Process Manager (BPM).
CVE(s): CVE-2020-7656, CVE-2020-11023, CVE-2020-11022, IBM X-Force ID: 180875
Affected product(s) and affected version(s):
|IBM Business Automation Workflow
|IBM Business Process Manager
For earlier and unsupported versions of the products, IBM recommends upgrading to a fixed, supported version of the product.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6326835
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/182264
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/181350
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/181349