CVE-2013-6465
19.12.2017, 19:29
Multiple cross-site scripting (XSS) vulnerabilities in JBPM KIE Workbench 6.0.x allow remote authenticated users to inject arbitrary web script or HTML via vectors related to task name html inputs.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| redhat | jbpm | 6.0.0 |
| redhat | jbpm | 6.0.0:alpha7 |
| redhat | jbpm | 6.0.0:alpha9 |
| redhat | jbpm | 6.0.0:beta1 |
| redhat | jbpm | 6.0.0:beta2 |
| redhat | jbpm | 6.0.0:beta3 |
| redhat | jbpm | 6.0.0:beta4 |
| redhat | jbpm | 6.0.0:beta5 |
| redhat | jbpm | 6.0.0:cr1 |
| redhat | jbpm | 6.0.0:cr2 |
| redhat | jbpm | 6.0.0:cr3 |
| redhat | jbpm | 6.0.0:cr4 |
| redhat | jbpm | 6.0.0:cr5 |
𝑥
= Vulnerable software versions
References