Vulnerabilities > IBM > Business Automation Workflow > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-21 | CVE-2021-38900 | Unspecified vulnerability in IBM products IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0 and 21.0 could allow a privileged user to obtain highly sensitive information due to improper access controls. | 6.5 |
| 2021-12-17 | CVE-2021-38883 | Cross-site Scripting vulnerability in IBM products IBM Business Automation Workflow 18.0, 19.0, 20,0 and 21.0 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to cross-site scripting. | 5.4 |
| 2021-11-05 | CVE-2021-29753 | Cleartext Transmission of Sensitive Information vulnerability in IBM products IBM Business Automation Workflow 18. | 5.9 |
| 2021-10-22 | CVE-2021-29835 | Cross-site Scripting vulnerability in IBM Business Automation Workflow IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 is vulnerable to cross-site scripting. | 6.1 |
| 2021-10-18 | CVE-2021-29878 | Cross-site Scripting vulnerability in IBM Business Automation Workflow IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 is vulnerable to cross-site scripting. | 5.4 |
| 2021-09-29 | CVE-2021-29834 | Cross-site Scripting vulnerability in IBM products IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3,20.0.0.1, 20.0.0.2, and 21.0.2 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to stored cross-site scripting. | 5.4 |
| 2021-06-28 | CVE-2021-29751 | Unspecified vulnerability in IBM products IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8.6 could allow an authenticated user to obtain sensitive information about another user under nondefault configurations. | 4.3 |
| 2021-06-28 | CVE-2021-29775 | Cross-site Scripting vulnerability in IBM products IBM Business Automation Workflow 19.0.03 and 20.0 and IBM Cloud Pak for Automation 20.0.3-IF002 and 21.0.1 are vulnerable to cross-site scripting. | 5.4 |
| 2021-02-11 | CVE-2020-4768 | Cross-site Scripting vulnerability in IBM Business Automation Workflow and Case Manager IBM Case Manager 5.2 and 5.3 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to cross-site scripting. | 5.4 |
| 2020-12-21 | CVE-2020-4794 | Incorrect Authorization vulnerability in IBM products IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.6 could allow an authenticated user to obtain sensitive information or cuase a denial of service due to iimproper authorization checking. | 5.4 |