IBM Security Bulletin: Cross-site scripting vulnerability in IBM Business Process Manager (BPM) redirect-login mechanism (CVE-2014-6101)
IBM Business Process Manager uses a mechanism to silently login users who have previously authenticated themselves. This mechanism is vulnerable to cross-site scripting attacks. CVE(s): CVE-2014-6101 Affected product(s) and affected version(s):...
from IBM Product Security Incident Response Team http://ibm.co/1rVsHJZ
from IBM Product Security Incident Response Team http://ibm.co/1rVsHJZ