Critical Severity

Security Bulletin: Cross-Site Scripting vulnerability affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) – CVE-2020-4557

Share this post:

IBM Business Process Manager and IBM Business Automation Workflow are vulnerable to a cross-site scripting attack.

Affected product(s) and affected version(s):

 

Affected Product(s) Version(s)
IBM Business Automation Workflow V20.0
V19.0
V18.0
IBM Business Process Manager V8.6
V8.5

 

For earlier and unsupported versions of the products, IBM recommends upgrading to a fixed, supported version of the product.

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6241338

More stories

Security Bulletin: Security vulnerabilities in Go affect IBM Cloud Pak for Multicloud Management Hybrid GRC.

Feb 25, 2021 7:00 pm EST | Critical Severity

Security Bulletin: Security vulnerabilities in Go affect IBM Cloud Pak for Multicloud Management Hybrid GRC. ...read more


Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM MessageGateway (CVE-2020-14803, CVE-2020-27221)

Feb 24, 2021 7:00 pm EST | Critical Severity

There are multiple vulnerabilities in IBM Runtime Environment Java Version 8.0 used by IBM MessageGateway These issues were disclosed as part of the IBM Java SDK updates in January, 2021. ...read more


Security Bulletin: A security vulnerability in Node.js nodemailer module affects IBM Cloud Automation Manager.

Feb 23, 2021 7:00 pm EST | Critical Severity

A security vulnerability in Node.js nodemailer module affects IBM Cloud Automation Manager. ...read more