JR54981: SECURITY APAR - CVE-2015-8524 - CROSS-SITE SCRIPTING POSSIBLE IN IBM PROCESS PORTAL
Direct links to fixes
Closed as program error.
Multiple elements in IBM Process Portal are vulnerable to a cross-site scripting attack. PRODUCTS AFFECTED IBM Business Process Manager (BPM) Advanced IBM BPM Standard IBM BPM Express
No additional information is available.
A fix for IBM BPM V126.96.36.199, V188.8.131.52, and V184.108.40.206 is available. On Fix Central (http://www.ibm.com/support/fixcentral), search for JR54981: 1. Select IBM Business Process Manager with your edition from the product selector, the installed version to the fix pack level, and your platform, and then click Continue. 2. Select APAR or SPR, enter JR54981, and click Continue. For V220.127.116.11, this fix is built on IBM BPM 18.104.22.168 cumulative fix 2 and might be included in a later cumulative fix. To determine whether the later cumulative fix is available and download it if it is, complete the following steps on Fix Central: 1. Select IBM Business Process Manager with your edition from the product selector, the installed version to the fix pack level, and your platform, and then click Continue. 2. Select Text, enter 'cumulative fix' and click Continue. When you download fix packages, ensure that you also download the readme file for each fix. Review each readme file for additional installation instructions and information about the fix.
Reported component name
Reported component ID
NoSpecatt / Xsystem
Last modified date
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fixed component name
Fixed component ID
Applicable component levels