Medium Severity

Security Bulletin: Cross-site scripting vulnerability affects IBM Business Automation Workflow and IBM Business Process Manager (BPM) – CVE-2020-4516

Share this post:

IBM Business Process Manager and IBM Business Automation Workflow are vulnerable to a cross-site scripting attack.

Affected product(s) and affected version(s):


Affected Product(s) Version(s)
IBM Business Automation Workflow V20.0
IBM Business Process Manager V8.6


For earlier and unsupported versions of the products, IBM recommends upgrading to a fixed, supported version of the product.


Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin:

More stories

Security Bulletin: IBM InfoSphere Information Server is affected by a cross-site request forgery vulnerability

Mar 3, 2021 7:00 pm EST | Medium Severity

A cross-site request forgery vulnerability was addressed by IBM InfoSphere Information Server. more

Security Bulletin: IBM MQ Appliance is affected by a systemd vulnerability (CVE-2019-20386)

Mar 3, 2021 7:00 pm EST | Medium Severity

IBM MQ Appliance has resolved a systemd vulnerability. more