VYPR
Medium severity5.4NVD Advisory· Published Oct 5, 2016· Updated Jun 17, 2026

CVE-2016-5901

CVE-2016-5901

Description

Cross-site scripting (XSS) vulnerability in a test page in IBM Business Process Manager Advanced 8.5.6.0 through 8.5.7.0 before cumulative fix 2016.09 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • cpe:2.3:a:ibm:business_process_manager:8.5.6.0:*:*:*:advanced:*:*:*+ 3 more
    • cpe:2.3:a:ibm:business_process_manager:8.5.6.0:*:*:*:advanced:*:*:*
    • cpe:2.3:a:ibm:business_process_manager:8.5.6.1:*:*:*:advanced:*:*:*
    • cpe:2.3:a:ibm:business_process_manager:8.5.6.2:*:*:*:advanced:*:*:*
    • cpe:2.3:a:ibm:business_process_manager:8.5.7.0:*:*:*:advanced:*:*:*
  • Range: 8.5.6.0 through 8.5.7.0 before cumulative fix 2016.09

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.