Unrated severityNVD Advisory· Published Jan 21, 2015· Updated Jun 17, 2026
CVE-2014-8914
CVE-2014-8914
Description
Cross-site scripting (XSS) vulnerability in the Process Portal in IBM Business Process Manager 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-8913.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:a:ibm:business_process_manager:8.0.0.0:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:ibm:business_process_manager:8.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:business_process_manager:8.0.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:business_process_manager:8.0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:business_process_manager:8.0.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:business_process_manager:8.0.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:business_process_manager:8.5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:business_process_manager:8.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:business_process_manager:8.5.5.0:*:*:*:*:*:*:*
- (no CPE)range: 8.0-8.0.1.3, 8.5.0-8.5.0.1, 8.5.5
Patches
Vulnerability mechanics
References
6- www-01.ibm.com/support/docview.wssnvdPatchVendor Advisory
- www-01.ibm.com/support/docview.wssnvdPatchVendor Advisory
- www-01.ibm.com/support/docview.wssnvdPatchVendor Advisory
- secunia.com/advisories/62205nvd
- www.securitytracker.com/id/1031614nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/99285nvd
News mentions
0No linked articles in our index yet.