PT-2017-6425 · IBM · IBM Business Process Manager Standard +2
Published: 2017-08-28 · Updated: 2017-09-08 · CVE-2015-0101
CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions
IBM Business Process Manager Standard versions 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5
IBM Business Process Manager Express versions 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5
IBM Business Process Manager Advanced versions 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5
Description
The issue is related to a cross-site scripting (XSS) vulnerability. This type of vulnerability allows an attacker to inject malicious scripts into content from otherwise trusted websites.
Recommendations
For IBM Business Process Manager Standard versions 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5, update to version 7.5, 8.0.1, or 8.5.5 or later.
For IBM Business Process Manager Express versions 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5, update to version 7.5, 8.0.1, or 8.5.5 or later.
For IBM Business Process Manager Advanced versions 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5, update to version 7.5, 8.0.1, or 8.5.5 or later.
Fix
XSS
Affected Products
IBM Business Process Manager Advanced
IBM Business Process Manager Express
IBM Business Process Manager Standard