Lucene search
Redhat.comRH:CVE-2016-8608HistoryNov 28, 2016 - 5:47 p.m.
CVE-2016-8608
2016-11-2817:47:35
redhat.com
access.redhat.com
6
0.001 Low
EPSS
Percentile
44.2%
JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via business process editor. The flaw is due to an incomplete fix for CVE-2016-5398. Remote, authenticated attackers that have privileges to create business processes can store scripts in them, which are not properly sanitized before showing to other users, including admins.
Related
nvd
nvd
CVE-2016-8608
2018-08-01 14:29:00
CVE-2016-5398
2016-10-03 18:59:06
cve
cve
CVE-2016-8608
2018-08-01 14:29:00
CVE-2016-5398
2016-10-03 18:59:06
prion
prion
Cross site scripting
2018-08-01 14:29:00
Cross site scripting
2016-10-03 18:59:00
cvelist
cvelist
CVE-2016-8608
2018-08-01 14:00:00
CVE-2016-5398
2016-10-03 18:00:00
redhat
redhat
(RHSA-2016:2822) Moderate: Red Hat JBoss BPM Suite security update
2016-11-28 17:46:38
(RHSA-2016:2823) Moderate: Red Hat JBoss BRMS security update
2016-11-28 17:47:01
(RHSA-2016:1969) Moderate: Red Hat JBoss BPM Suite security update
2016-09-28 22:20:32
redhatcve
redhatcve
CVE-2016-5398
2016-09-28 23:17:51