What is the severity of CVE-2016-0227?

CVE-2016-0227 is rated as medium severity due to its potential for cross-site scripting attacks.

How do I fix CVE-2016-0227?

To fix CVE-2016-0227, apply the latest security updates provided by IBM for affected versions of Business Process Manager.

Which versions of IBM Business Process Manager are affected by CVE-2016-0227?

CVE-2016-0227 affects IBM Business Process Manager versions 8.0 through 8.0.1.3 and versions 8.5.0 through 8.5.6.2.

What kind of attack can CVE-2016-0227 facilitate?

CVE-2016-0227 can facilitate cross-site scripting (XSS) attacks, allowing attackers to inject arbitrary web scripts or HTML.

Who can exploit the vulnerability in CVE-2016-0227?

CVE-2016-0227 can be exploited by remote authenticated users who can craft malicious URLs.

Vulnerability/
CVE-2016-0227

medium

5.4

CWE

3/3/2016

5/8/2024

CVE-2016-0227: XSS

First published: Thu Mar 03 2016(Updated: )

Cross-site scripting (XSS) vulnerability in the document-list control implementation in IBM Business Process Manager (BPM) 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.2, and 8.5.5 and 8.5.6 through 8.5.6.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Business Process Manager	=8.0.0.0
IBM Business Process Manager	=8.0.0.0
IBM Business Process Manager	=8.0.0.0
IBM Business Process Manager	=8.0.1.0
IBM Business Process Manager	=8.0.1.0
IBM Business Process Manager	=8.0.1.0
IBM Business Process Manager	=8.0.1.1
IBM Business Process Manager	=8.0.1.1
IBM Business Process Manager	=8.0.1.1
IBM Business Process Manager	=8.0.1.2
IBM Business Process Manager	=8.0.1.2
IBM Business Process Manager	=8.0.1.2
IBM Business Process Manager	=8.0.1.3
IBM Business Process Manager	=8.0.1.3
IBM Business Process Manager	=8.0.1.3
IBM Business Process Manager	=8.5.0.0
IBM Business Process Manager	=8.5.0.0
IBM Business Process Manager	=8.5.0.0
IBM Business Process Manager	=8.5.0.1
IBM Business Process Manager	=8.5.0.1
IBM Business Process Manager	=8.5.0.1
IBM Business Process Manager	=8.5.0.2
IBM Business Process Manager	=8.5.0.2
IBM Business Process Manager	=8.5.0.2
IBM Business Process Manager	=8.5.5.0
IBM Business Process Manager	=8.5.5.0
IBM Business Process Manager	=8.5.5.0
IBM Business Process Manager	=8.5.6.0
IBM Business Process Manager	=8.5.6.0
IBM Business Process Manager	=8.5.6.0
IBM Business Process Manager	=8.5.6.2
IBM Business Process Manager	=8.5.6.2
IBM Business Process Manager	=8.5.6.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-0227?
CVE-2016-0227 is rated as medium severity due to its potential for cross-site scripting attacks.
How do I fix CVE-2016-0227?
To fix CVE-2016-0227, apply the latest security updates provided by IBM for affected versions of Business Process Manager.
Which versions of IBM Business Process Manager are affected by CVE-2016-0227?
CVE-2016-0227 affects IBM Business Process Manager versions 8.0 through 8.0.1.3 and versions 8.5.0 through 8.5.6.2.
What kind of attack can CVE-2016-0227 facilitate?
CVE-2016-0227 can facilitate cross-site scripting (XSS) attacks, allowing attackers to inject arbitrary web scripts or HTML.
Who can exploit the vulnerability in CVE-2016-0227?
CVE-2016-0227 can be exploited by remote authenticated users who can craft malicious URLs.

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/references
agent/author
agent/last-modified-date
agent/weakness
agent/description
agent/tags
agent/event
agent/first-publish-date
agent/source
vendor/ibm
canonical/ibm business process manager
version/ibm business process manager/8.0.0.0
version/ibm business process manager/8.0.1.0
version/ibm business process manager/8.0.1.1
version/ibm business process manager/8.0.1.2
version/ibm business process manager/8.0.1.3
version/ibm business process manager/8.5.0.0
version/ibm business process manager/8.5.0.1
version/ibm business process manager/8.5.0.2
version/ibm business process manager/8.5.5.0
version/ibm business process manager/8.5.6.0
version/ibm business process manager/8.5.6.2

Frequently Asked Questions

What is the severity of CVE-2016-0227?
CVE-2016-0227 is rated as medium severity due to its potential for cross-site scripting attacks.
How do I fix CVE-2016-0227?
To fix CVE-2016-0227, apply the latest security updates provided by IBM for affected versions of Business Process Manager.
Which versions of IBM Business Process Manager are affected by CVE-2016-0227?
CVE-2016-0227 affects IBM Business Process Manager versions 8.0 through 8.0.1.3 and versions 8.5.0 through 8.5.6.2.
What kind of attack can CVE-2016-0227 facilitate?
CVE-2016-0227 can facilitate cross-site scripting (XSS) attacks, allowing attackers to inject arbitrary web scripts or HTML.
Who can exploit the vulnerability in CVE-2016-0227?
CVE-2016-0227 can be exploited by remote authenticated users who can craft malicious URLs.

CVE-2016-0227: XSS

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-0227?

How do I fix CVE-2016-0227?

Which versions of IBM Business Process Manager are affected by CVE-2016-0227?

What kind of attack can CVE-2016-0227 facilitate?

Who can exploit the vulnerability in CVE-2016-0227?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2016-0227?

How do I fix CVE-2016-0227?

Which versions of IBM Business Process Manager are affected by CVE-2016-0227?

What kind of attack can CVE-2016-0227 facilitate?

Who can exploit the vulnerability in CVE-2016-0227?