Medium Severity

Security Bulletin: Cross-site scripting vulnerability affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) – CVE-2020-4698

Share this post:

IBM Business Process Manager and IBM Business Automation Workflow are vulnerable to a cross-site scripting attack.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Business Automation Workflow V20.0
V19.0
V18.0
IBM Business Process Manager V8.6
V8.5

For earlier and unsupported versions of the products, IBM recommends upgrading to a fixed, supported version of the product.

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6326825

More stories

Security Bulletin: Multiple vulnerabilities in Eclipse Jetty affect Apache Solr shipped with IBM Operations Analytics – Log Analysis

Apr 20, 2021 8:00 pm EDT | Medium Severity

There are vulnerabilities in various versions of Eclipse Jetty that affect Apache Solr. The vulnerabilities are in Vulnerability Details section. ...read more



Security Bulletin: SMTP for IBM i is affected by CVE-2021-20501

Apr 20, 2021 8:00 pm EDT | Medium Severity

SMTP is used by IBM i. IBM i has addressed the applicable CVE. ...read more