漏洞类别:Local
漏洞等级: 
漏洞信息
IBM Business Process Manager is a comprehensive BPM platform that provides visibility and insight to manage business processes.
Due to insufficient validation of input parameters and the failure to honor a configuration setting, authenticated users can send JavaScript for execution on the server side. Affected Versions:
IBM Business Process Manager V7.5.1 through V8.5.6.0
漏洞危害
If this vulnerability is successfully exploited, attackers can send JavaScript for execution on the server side.
解决方案
Please refer to the following link swg21959052.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论