← volver
CVE-2022-41565

TIBCO EBX Cross Site Scripting (XSS) Vulnerability

CVSS 8.7 HIGHEPSS 0.4%
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 8.7EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
22 feb 2023Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
The Web Application component of TIBCO Software Inc.'s TIBCO EBX and TIBCO Product and Service Catalog powered by TIBCO EBX contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a stored XSS on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.9.21 and below, versions 6.0.11 and below and TIBCO Product and Service Catalog powered by TIBCO EBX: versions 1.2.0 and below.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
Productos afectados
TIBCO Software Inc. · TIBCO EBXTIBCO Software Inc. · TIBCO Product and Service Catalog powered by TIBCO EBX

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.tibco.com/services/support/advisories