April 18, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – CVE-2022-25912 – Node.js simple-git module Vulnerability
December 12, 2022Rewterz Threat Advisory – CVE-2022-45910 – Apache ManifoldCF Vulnerability
December 12, 2022Rewterz Threat Advisory – CVE-2022-25912 – Node.js simple-git module Vulnerability
December 12, 2022Rewterz Threat Advisory – CVE-2022-45910 – Apache ManifoldCF Vulnerability
December 12, 2022
Severity
Medium
Analysis Summary
CVE-2022-41735
IBM Business Process Manager 21.0.1 through 21.0.3.1, 20.0.0.1 through 20.0.0.2 19.0.0.1 through 19.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Impact
Cross-Site Scripting
Indicators Of Compromise
CVE
- CVE-2022-41735
Affected Vendors
IBM
Affected Products
- IBM Business Automation Workflow containers 20.0.0.1
- IBM Business Automation Workflow traditional 19.0.0.1
- IBM Business Automation Workflow traditional 19.0.0.3
- IBM Business Automation Workflow traditional 20.0.0.1
- IBM Business Automation Workflow traditional 20.0.0.2
- IBM Business Automation Workflow traditional 21.0.1
- IBM Business Automation Workflow containers 20.0.0.2
- IBM Business Automation Workflow containers 21.0.3
- IBM Business Automation Workflow containers 21.0.2
- IBM Business Automation Workflow containers 22.0.1
- IBM Business Automation Workflow traditional 22.0.1
- IBM Business Automation Workflow traditional 19.0.0.2
- IBM Business Automation Workflow traditional 21.0.3.1
Remediation
Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.
