Jboss Business Rules Management System

jboss_business_rules_management_system

Vendor: Redhat • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2011-2487 2Apache Redhat 10Cxf Jboss Business Rules Management SystemJboss Enterprise Application Platform+7 more Nov 21, 2024 Mar 11, 2020 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack.
CVE-2010-3857 1Redhat 1Jboss Business Rules Management System Nov 21, 2024 Nov 12, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 JBoss BRMS before 5.1.0 has a XSS vulnerability via asset=UUID parameter.
CVE-2016-8608 1Redhat 2Jboss Bpm Suite Jboss Business Rules Management System Nov 21, 2024 Aug 1, 2018 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via business process editor. The flaw is due to an incomplete fix for CVE-2016-5398. Remote, authenticated attackers that have privileges to create business pro...Show more JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via business process editor. The flaw is due to an incomplete fix for CVE-2016-5398. Remote, authenticated attackers that have privileges to create business processes can store scripts in them, which are not properly sanitized before showing to other users, including admins.Show less