Medium Severity

Security Bulletin: Cross Site Scripting vulnerability in Google Web Toolkit may affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) – CVE-2012-5920

Share this post:

IBM Business Process Manager and IBM Business Automation Workflow may be vulnerable to a cross site scripting attack.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Business Automation Workflow V20.0.0.1,
V19.0,
V18.0

V20.0.0.2 is NOT affected

IBM Business Process Manager V8.6, V8.5

For earlier and unsupported versions of the products, IBM recommends upgrading to a fixed, supported version of the product.

 

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6404370

More stories

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Spring

Feb 27, 2021 7:00 pm EST | Medium Severity

IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Spring. ...read more


Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Python

Feb 27, 2021 7:00 pm EST | Medium Severity

IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Python. ...read more


Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Java

Feb 27, 2021 7:00 pm EST | Medium Severity

IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Java. ...read more