Vulnerabilities > IBM > Business Process Manager Enterprise Service BUS
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-08 | CVE-2018-1885 | Information Exposure vulnerability in IBM products IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, and 18.0.0.2 could allow an unauthenticated attacker to obtain sensitve information using a specially cracted HTTP request. | 5.3 |
| 2018-03-30 | CVE-2018-1384 | Cross-site Scripting vulnerability in IBM products IBM Business Process Manager 8.6 is vulnerable to cross-site scripting. | 5.4 |
| 2018-03-30 | CVE-2017-1765 | Information Exposure vulnerability in IBM Business Process Manager IBM Business Process Manager 8.6 could allow an authenticated user with special privileges to reveal sensitive information about the application server. | 4.3 |
| 2018-03-30 | CVE-2017-1756 | Information Exposure vulnerability in IBM Business Process Manager IBM Business Process Manager 8.6 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |