CVE-2019-17332

Опубликовано: 12 нояб. 2019

Источник: nvd

CVSS3: 7.3

CVSS3: 5.4

CVSS2: 4.3

EPSS Низкий

Описание

The Digital Asset Manager Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions up to and including 3.20.13, versions 4.1.0, 4.2.0, 4.2.1, and 4.2.2.

Ссылки

http://www.tibco.com/services/support/advisories
Vendor Advisory
https://www.tibco.com/support/advisories/2019/11/tibco-security-advisory-november-12-2019-tibco-ebx-add-on-2019-17332
Vendor Advisory
http://www.tibco.com/services/support/advisories
Vendor Advisory
https://www.tibco.com/support/advisories/2019/11/tibco-security-advisory-november-12-2019-tibco-ebx-add-on-2019-17332
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:tibco:ebx_add-ons:*:*:*:*:*:*:*:*

Версия до 3.20.13 (включая)

cpe:2.3:a:tibco:ebx_add-ons:4.1.0:*:*:*:*:*:*:*

cpe:2.3:a:tibco:ebx_add-ons:4.2.0:*:*:*:*:*:*:*

cpe:2.3:a:tibco:ebx_add-ons:4.2.1:*:*:*:*:*:*:*

cpe:2.3:a:tibco:ebx_add-ons:4.2.2:*:*:*:*:*:*:*

EPSS

Процентиль: 58%

0.00365

Низкий

7.3 High

CVSS3

5.4 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-3q42-g7pm-w4xc

github

больше 3 лет назад

EPSS

Процентиль: 58%

0.00365

Низкий

7.3 High

CVSS3

5.4 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79