https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-05-04T12:31:33.735252+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/d8dbba88-36b4-4d7b-a517-395a1650f7b8/exportd8dbba88-36b4-4d7b-a517-395a1650f7b82026-05-04T12:31:34.127234+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "d8dbba88-36b4-4d7b-a517-395a1650f7b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-5398", "type": "seen", "source": "https://t.me/VulnerabilityNews/380", "content": "JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via business process editor. The flaw is due to an incomplete fix for CVE-2016-5398. Remote, authenticated attackers that have privileges to create business processes can store scripts in them, which are not properly sanitized before showing to other users, including admins.\nPublished at: August 01, 2018 at 04:29PM\nView on website", "creation_timestamp": "2018-08-01T19:18:39.000000Z"}2018-08-01T19:18:39+00:00