CVE-2014-8913 | HackTesting

Cross-site scripting (XSS) vulnerability in the Process Portal in IBM Business Process Manager 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-8914.

References

http://secunia.com/advisories/62205

http://www-01.ibm.com/support/docview.wss?uid=swg21693239

http://www.securitytracker.com/id/1031614

https://exchange.xforce.ibmcloud.com/vulnerabilities/99284

http://www-01.ibm.com/support/docview.wss?uid=swg1JR51742