Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2021-83782
HistoryOct 19, 2021 - 12:00 a.m.

IBM Business Automation Workflow Cross-Site Scripting Vulnerability

2021-10-1900:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
ibm business automation workflow
cross-site scripting
vulnerability
web ui
credential disclosure
request parameters

EPSS

0.001

Percentile

19.6%

JSON

IBM Business Automation Workflow is a workflow automation solution from IBM Corporation. The product is primarily used for workflow management, compliance management, and features workflow visibility and scalability.IBM Business Automation Workflow suffers from a cross-site scripting vulnerability that stems from the software’s lack of effective validation and escaping of user-submitted request parameters. An attacker could exploit the vulnerability to embed arbitrary JavaScript code in the Web UI to change the intended functionality, potentially leading to credential disclosure in trusted sessions.

Related

cve 1
prion 1
cvelist 1
ibm 1
nvd 1
cve
cve
CVE-2021-29878
2021-10-18 17:15:07
prion
prion
Cross site scripting
2021-10-18 17:15:00
cvelist
cvelist
CVE-2021-29878
2021-10-18 16:35:11
ibm
ibm
Security Bulletin: Cross site scripting vulnerability affecting Case Builder in IBM Business Automation Workflow - CVE-2021-29878
2021-10-15 16:21:28
nvd
nvd
CVE-2021-29878
2021-10-18 17:15:07

EPSS

0.001

Percentile

19.6%

JSON
Related for CNVD-2021-83782
cve1prion1cvelist1ibm1nvd1