CVSS: 6.1EPSS: 0%CPEs: 13EXPL: 0CVE-2014-0957
https://notcve.org/view.php?id=CVE-2014-0957
18 Jul 2014 — Cross-site scripting (XSS) vulnerability in IBM Business Process Manager 7.5 through 8.5.5, and WebSphere Lombardi Edition 7.2, allows remote attackers to inject arbitrary web script or HTML via a crafted URL that triggers a service failure. Vulnerabilidad de XSS en IBM Business Process Manager 7.5 hasta 8.5.5, y WebSphere Lombardi Edition 7.2, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de una URL manipulada que provoca un fallo de servicio. • http://secunia.com/advisories/59557 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2012-0707
https://notcve.org/view.php?id=CVE-2012-0707
23 Feb 2012 — Cross-site scripting (XSS) vulnerability in IBM WebSphere Lombardi Edition 7.2 allows remote attackers to inject arbitrary web script or HTML via crafted text input to a coach that is configured with a document attachment control section. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en IBM WebSphere Lombardi Edition v7.2 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de la introducción de texto diseñado a un entrenador que está configurado c... • http://secunia.com/advisories/48055 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •