Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, and 8.5.x through 8.5.5.0 and WebSphere Lombardi Edition (WLE) 7.2.x through 7.2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL that triggers an error condition.

IBM商业流程管理器(BPM)7.5.x至7.5.1.2、8.0.x至8.0.1.3、8.5.x至8.5.5.0以及WebSphere Lombardi Edition (WLE) 7.2.x至7.2.0.5的跨站脚本(XSS)漏洞允许远程登录的用户通过构造的URL注入任意的网页脚本或HTML，触发错误条件。

NVD 暂无评分

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

NVD 暂无漏洞类别信息

神龙GPT 暂无漏洞类别信息（请耐心等待）