Unrated severityNVD Advisory· Published Sep 4, 2014· Updated Jun 17, 2026
CVE-2014-3075
CVE-2014-3075
Description
Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 8.5.5 and WebSphere Lombardi Edition 7.2.0.x allows remote authenticated users to inject arbitrary web script or HTML via an uploaded file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
20cpe:2.3:a:ibm:business_process_manager:7.5.0.0:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:ibm:business_process_manager:7.5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:business_process_manager:7.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:business_process_manager:7.5.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:business_process_manager:7.5.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:business_process_manager:7.5.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:business_process_manager:8.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:business_process_manager:8.0.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:business_process_manager:8.0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:business_process_manager:8.0.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:business_process_manager:8.5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:business_process_manager:8.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:business_process_manager:8.5.5.0:*:*:*:*:*:*:*
- (no CPE)range: 7.5.0.0 - 8.5.5 inclusive
cpe:2.3:a:ibm:websphere_application_server:7.2.0.1:*:*:*:lombardi:*:*:*+ 5 more
- cpe:2.3:a:ibm:websphere_application_server:7.2.0.1:*:*:*:lombardi:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.2.0.2:*:*:*:lombardi:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.2.0.3:*:*:*:lombardi:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.2.0.4:*:*:*:lombardi:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.2.0.5:*:*:*:lombardi:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.2:*:*:*:lombardi:*:*:*
- Range: 7.2.0.x
Patches
Vulnerability mechanics
References
3- www-01.ibm.com/support/docview.wssnvdPatchVendor Advisory
- www-01.ibm.com/support/docview.wssnvdPatchVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/93817nvd
News mentions
0No linked articles in our index yet.