Cross-site scripting (XSS) vulnerability in the REST API in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0 through 8.5.0.1, 8.5.5 through 8.5.5.0, and 8.5.6. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.
IBM
XSS
Business Process Manager
NVD
CVSS 2.0
3.5
EPSS
0.2%