Critical Severity

Security Bulletin: Cross-Site Scripting vulnerability affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) – CVE-2020-4557

Oct 12, 2020 8:00 pm EDT

Categorized: Critical Severity

Share this post:

IBM Business Process Manager and IBM Business Automation Workflow are vulnerable to a cross-site scripting attack.

Affected product(s) and affected version(s):

 

Affected Product(s) Version(s)
IBM Business Automation Workflow V20.0
V19.0
V18.0
IBM Business Process Manager V8.6
V8.5

 

For earlier and unsupported versions of the products, IBM recommends upgrading to a fixed, supported version of the product.

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6241338


Previous Post

Security Bulletin: Cross-site scripting vulnerability affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) - CVE-2020-4698

Next Post

Security Bulletin: IBM MQ Appliance is affected by an information disclosure vulnerability (CVE-2020-4528)
More stories

Security Bulletin: Security vulnerabilities in Go affect IBM Cloud Pak for Multicloud Management Hybrid GRC.

Feb 25, 2021 7:00 pm EST | Critical Severity

Security Bulletin: Security vulnerabilities in Go affect IBM Cloud Pak for Multicloud Management Hybrid GRC. ...read more

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM MessageGateway (CVE-2020-14803, CVE-2020-27221)

Feb 24, 2021 7:00 pm EST | Critical Severity

There are multiple vulnerabilities in IBM Runtime Environment Java Version 8.0 used by IBM MessageGateway These issues were disclosed as part of the IBM Java SDK updates in January, 2021. ...read more

Security Bulletin: A security vulnerability in Node.js nodemailer module affects IBM Cloud Automation Manager.

Feb 23, 2021 7:00 pm EST | Critical Severity

A security vulnerability in Node.js nodemailer module affects IBM Cloud Automation Manager. ...read more