CVE-2019-17338

Опубликовано: 28 янв. 2020

Источник: nvd

CVSS3: 7.3

CVSS3: 5.4

CVSS2: 3.5

EPSS Низкий

Описание

The user interface component of TIBCO Software Inc.'s TIBCO Patterns - Search contains multiple vulnerabilities that theoretically allow authenticated users to perform persistent cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO Patterns - Search: versions 5.4.0 and below.

Ссылки

http://www.tibco.com/services/support/advisories
Vendor Advisory
https://www.tibco.com/support/advisories/2020/01/tibco-security-advisory-january-28-2020-tibco-patterns
Vendor Advisory
http://www.tibco.com/services/support/advisories
Vendor Advisory
https://www.tibco.com/support/advisories/2020/01/tibco-security-advisory-january-28-2020-tibco-patterns
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:tibco:patterns_-_search:*:*:*:*:*:*:*:*

Версия до 5.4.0 (включая)

EPSS

Процентиль: 59%

0.00389

Низкий

7.3 High

CVSS3

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-jqfp-59mg-5whf

github

больше 3 лет назад

EPSS

Процентиль: 59%

0.00389

Низкий

7.3 High

CVSS3

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79