|Impact:||Cross-site Scripting (XSS)|
|Software:||IBM Business Process Manager 8.x|
A cross-site scripting vulnerability was discovered in IBM Business Process Manager.
Vulnerability is caused by an unspecified input validation error. A remote attacker can send a specially crafted HTTP request to the vulnerable application and execute arbitrary html and scripting code in user`s browser in context of a vulnerable website.
Further exploitation of this vulnerability may result in stealing potentially sensitive to the user information, such as cookies, or disguising the information presented on the website.
For : Apply interim fix for APAR JR50241.