Vulnerabilities > IBM > Business Automation Workflow > 18.0.0.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-06 | CVE-2023-24957 | Cross-site Scripting vulnerability in IBM Business Automation Workflow IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3, 20.0.0.1, 20.0.0.2, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to cross-site scripting. | 5.4 |
| 2022-03-18 | CVE-2021-39046 | Insufficiently Protected Credentials vulnerability in IBM products IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 and IBM Business Process Manager 8.5 and 8.6 stores user credentials in plain clear text which can be read by a lprivileged user. | 4.9 |
| 2021-12-21 | CVE-2021-38900 | Unspecified vulnerability in IBM products IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0 and 21.0 could allow a privileged user to obtain highly sensitive information due to improper access controls. | 6.5 |
| 2021-12-17 | CVE-2021-38883 | Cross-site Scripting vulnerability in IBM products IBM Business Automation Workflow 18.0, 19.0, 20,0 and 21.0 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to cross-site scripting. | 5.4 |
| 2021-10-18 | CVE-2021-29878 | Cross-site Scripting vulnerability in IBM Business Automation Workflow IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 is vulnerable to cross-site scripting. | 5.4 |
| 2021-09-29 | CVE-2021-29834 | Cross-site Scripting vulnerability in IBM products IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3,20.0.0.1, 20.0.0.2, and 21.0.2 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to stored cross-site scripting. | 5.4 |
| 2021-02-11 | CVE-2020-4768 | Cross-site Scripting vulnerability in IBM Business Automation Workflow and Case Manager IBM Case Manager 5.2 and 5.3 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to cross-site scripting. | 5.4 |
| 2020-12-21 | CVE-2020-4794 | Incorrect Authorization vulnerability in IBM products IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.6 could allow an authenticated user to obtain sensitive information or cuase a denial of service due to iimproper authorization checking. | 5.4 |
| 2020-09-15 | CVE-2020-4530 | Cross-site Scripting vulnerability in IBM products IBM Business Automation Workflow C.D.0 and IBM Business Process Manager 8.0, 8.5, and 8.6 are vulnerable to cross-site scripting. | 5.4 |
| 2020-09-08 | CVE-2020-4698 | Cross-site Scripting vulnerability in IBM products IBM Business Process Manager 8.5, 8.6 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to stored cross-site scripting. | 5.4 |