Cross-site scripting (XSS) vulnerability in a test page in IBM Business Process Manager Advanced 8.5.6.0 through 8.5.7.0 before cumulative fix 2016.09 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.Referenceshttp://www-01.ibm.com/support/docview.wss?uid=swg21990852http://www.securityfocus.com/bid/93353http://www-01.ibm.com/support/docview.wss?uid=swg1JR56391
