Lucene search
China National Vulnerability DatabaseCNVD-2022-15537HistoryDec 21, 2021 - 12:00 a.m.
IBM Business Automation Workflow Cross-Site Scripting Vulnerability (CNVD-2022-15537)
2021-12-2100:00:00
China National Vulnerability Database
www.cnvd.org.cn
12
ibm
automation workflow
cross-site scripting
vulnerability
credential disclosure
web ui
ibm usa
compliance management
workflow visibility
workflow management
stored xss
EPSS
0.001
Percentile
23.6%
IBM Business Automation Workflow is a workflow automation solution from IBM USA. The product is primarily used for workflow management, compliance management, and features workflow visibility and scalability.IBM Business Automation Workflow has a security vulnerability that stems from the vulnerability of IBM Business Automation Workflow to stored cross-site scripting. An attacker could exploit the vulnerability to allow users to embed arbitrary JavaScript code in the Web UI to alter the intended functionality, which could lead to credential disclosure in trusted sessions.
Related
cvelist
cvelist
CVE-2021-38893
2021-12-21 19:10:14
nvd
nvd
CVE-2021-38893
2021-12-21 19:15:07
prion
prion
Cross site scripting
2021-12-21 19:15:00
ibm
ibm
Security Bulletin: Cross-Site Scripting vulnerability affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) - CVE-2021-38893
2022-03-10 21:29:40
cve
cve
CVE-2021-38893
2021-12-21 19:15:07