Description
Cross-site scripting (XSS) vulnerability in Business Process Editor in Red Hat JBoss BPM Suite before 6.3.3 allows remote authenticated users to inject arbitrary web script or HTML by levering permission to create business processes.
Remediation
References
http://rhn.redhat.com/errata/RHSA-2016-1968.html
http://rhn.redhat.com/errata/RHSA-2016-1969.html
http://www.securityfocus.com/bid/93219
https://bugzilla.redhat.com/show_bug.cgi?id=1358523
Related Vulnerabilities
CVE-2014-3600 Vulnerability in maven package org.apache.activemq:activemq-core
CVE-2023-4863 Vulnerability in npm package electron
CVE-2023-22580 Vulnerability in npm package sequelize
CVE-2021-41189 Vulnerability in maven package org.dspace:dspace-api
CVE-2020-2111 Vulnerability in maven package org.jenkins-ci.plugins:subversion