IBM Business Process Manager Dojo Toolkit Cross-Site Scripting Vulnerabilities
Description
IBM has acknowledged multiple vulnerabilities in IBM Business Process Manager, which can be exploited by malicious people to conduct cross-site scripting attacks.
For more information:
SA62590
The vulnerabilities are reported in versions 8.0.1, 8.5.0, 8.5.5, and 8.5.6.
Vulnerable Products
Vulnerable Software: IBM Business Process Manager 8.x
Solution
Apply APARs.Version 8.0.1:Apply APARs JR52393, JR53081, and JR52958.Version 8.5.0:Apply APARs JR52393 and JR53081.Versions 8.5.5 and 8.5.6:Apply APARs JR52393, JR53081, JR52774, and JR52775.
