CVE-2016-3056

Name of the Vulnerable Software and Affected Versions IBM Business Process Manager versions 7.5 through 7.5.1.2 IBM Business Process Manager versions 8.0 through 8.0.1.3 IBM Business Process Manager versions prior to 8.5.7.0 CF2016.09

Description A cross-site scripting (XSS) issue exists, allowing remote authenticated users to inject arbitrary web script or HTML via crafted content. This affects the Business Space component.

Recommendations For versions 7.5 through 7.5.1.2, update to a version after 7.5.1.2. For versions 8.0 through 8.0.1.3, update to a version after 8.0.1.3. For versions prior to 8.5.7.0 CF2016.09, update to version 8.5.7.0 CF2016.09 or later.