Medium Severity

Security Bulletin: Cross-site scripting vulnerability affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) – CVE-2020-4530

Share this post:

IBM Business Process Manager and IBM Business Automation Workflow are vulnerable to a cross-site scripting attack. This vulnerability only affects BPM and BAW profiles of type “Advanced”.

Affected product(s) and affected version(s):

 

Affected Product(s) Version(s)
IBM Business Automation Workflow C.D.0
IBM Business Process Manager 8.0, 8.5, 8.6

 

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6332417

More stories

Security Bulletin: IBM InfoSphere Information Server is vulnerable to Cross-frame scripting

Sep 24, 2020 8:00 pm EDT | Medium Severity

A Cross-frame scripting vulnerability was addressed by IBM InfoSphere Information Server. ...read more


Security Bulletin: A vulnerability in IBM Java Runtime affect IBM Spectrum Conductor and IBM Spectrum Conductor with Spark

Sep 24, 2020 8:00 pm EDT | Medium Severity

There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by IBM Spectrum Conductor 2.4.1, IBM Spectrum Conductor 2.4.0, IBM Spectrum Conductor 2.3.0, and IBM Spectrum Conductor with Spark 2.2.1. IBM Spectrum Conductor 2.4.1, IBM Spectrum Conductor 2.4.0, IBM Spectrum Conductor 2.3, and IBM Spectrum Conductor with Spark 2.2.1 have addressed the applicable CVE. ...read more


Security Bulletin: Information disclosure vulnerability affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) – CVE-2020-4531

Sep 24, 2020 8:00 pm EDT | Medium Severity

IBM Business Process Manager (Advanced) and IBM Business Automation Workflow are vulnerable to an information disclosure attack. ...read more