VYPR

BRMS

by JBoss

CVEs (1)

  • CVE-2016-8608MedAug 1, 2018
    risk 0.35cvss 5.4epss 0.01

    JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via business process editor. The flaw is due to an incomplete fix for CVE-2016-5398. Remote, authenticated attackers that have privileges to create business processes can store scripts in them, which are not properly…