Description
Cross-site scripting (XSS) vulnerability in Business Process Editor in Red Hat JBoss BPM Suite before 6.3.3 allows remote authenticated users to inject arbitrary web script or HTML by levering permission to create business processes.
Remediation
References
https://bugzilla.redhat.com/show_bug.cgi?id=1358523
http://www.securityfocus.com/bid/93219
http://rhn.redhat.com/errata/RHSA-2016-1969.html
http://rhn.redhat.com/errata/RHSA-2016-1968.html
Related Vulnerabilities
CVE-2023-40167 Vulnerability in maven package org.eclipse.jetty:jetty-http
CVE-2022-21126 Vulnerability in maven package com.github.samtools:htsjdk
CVE-2022-41229 Vulnerability in maven package io.jenkins.plugins:cavisson-ns-nd-integration
CVE-2020-10693 Vulnerability in maven package org.hibernate.validator:hibernate-validator