Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, and 8.5.x through 8.5.6.0 and WebSphere Lombardi Edition (WLE) 7.2.x through 7.2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

IBM商业流程管理器(BPM)7.5.x through 7.5.1.2、8.0.x through 8.0.1.3、8.5.x through 8.5.6.0和WebSphere Lombardi Edition(WLE)7.2.x through 7.2.0.5的跨站脚本(XSS)漏洞允许远程授权用户通过精心构造的URL注入任意的网页脚本或HTML。

NVD 暂无评分

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

NVD 暂无漏洞类别信息

神龙GPT 暂无漏洞类别信息（请耐心等待）