Vulnerabilities > IBM > Business Automation Workflow
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-11 | CVE-2020-4768 | Cross-site Scripting vulnerability in IBM Business Automation Workflow and Case Manager IBM Case Manager 5.2 and 5.3 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to cross-site scripting. | 5.4 |
| 2020-12-21 | CVE-2020-4794 | Incorrect Authorization vulnerability in IBM products IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.6 could allow an authenticated user to obtain sensitive information or cuase a denial of service due to iimproper authorization checking. | 5.4 |
| 2020-11-30 | CVE-2020-4900 | Information Exposure Through Log Files vulnerability in IBM Business Automation Workflow 19.0.0.3 IBM Business Automation Workflow 19.0.0.3 stores potentially sensitive information in log files that could be read by a local user. | 5.5 |
| 2020-11-16 | CVE-2020-4672 | Cross-site Scripting vulnerability in IBM Business Automation Workflow 20.0.0.1 IBM Business Automation Workflow 20.0.0.1 is vulnerable to cross-site scripting. | 5.4 |
| 2020-09-25 | CVE-2020-4531 | Unchecked Return Value vulnerability in IBM products IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 5.3 |
| 2020-09-15 | CVE-2020-4530 | Cross-site Scripting vulnerability in IBM products IBM Business Automation Workflow C.D.0 and IBM Business Process Manager 8.0, 8.5, and 8.6 are vulnerable to cross-site scripting. | 5.4 |
| 2020-09-08 | CVE-2020-4698 | Cross-site Scripting vulnerability in IBM products IBM Business Process Manager 8.5, 8.6 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to stored cross-site scripting. | 5.4 |
| 2020-09-08 | CVE-2020-4516 | Cross-site Scripting vulnerability in IBM products IBM Business Process Manager 8.5, 8.6 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to cross-site scripting. | 5.4 |
| 2020-06-29 | CVE-2020-4557 | Cross-site Scripting vulnerability in IBM products IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to cross-site scripting. | 5.4 |
| 2020-06-17 | CVE-2020-4532 | Information Exposure Through an Error Message vulnerability in IBM products IBM Business Automation Workflow and IBM Business Process Manager (IBM Business Process Manager Express 8.5.5, 8.5.6, 8.5.7, and 8.6) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 5.3 |