Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-41565

Опубликовано: 22 фев. 2023
Источник: nvd
CVSS3: 8.7
CVSS3: 5.4
EPSS Низкий

Описание

The Web Application component of TIBCO Software Inc.'s TIBCO EBX and TIBCO Product and Service Catalog powered by TIBCO EBX contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a stored XSS on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.9.21 and below, versions 6.0.11 and below and TIBCO Product and Service Catalog powered by TIBCO EBX: versions 1.2.0 and below.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:tibco:ebx:*:*:*:*:*:*:*:*
Версия до 5.9.22 (исключая)
cpe:2.3:a:tibco:ebx:*:*:*:*:*:*:*:*
Версия от 6.0.0 (включая) до 6.0.12 (исключая)
cpe:2.3:a:tibco:product_and_service_catalog_powered_by_tibco_ebx:*:*:*:*:*:*:*:*
Версия до 1.2.1 (исключая)

EPSS

Процентиль: 69%
0.00599
Низкий

8.7 High

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

github логотип

GHSA-qh67-j37g-7pfm

CVSS3: 5.4
github
почти 3 года назад

The Web Application component of TIBCO Software Inc.'s TIBCO EBX and TIBCO Product and Service Catalog powered by TIBCO EBX contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a stored XSS on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.9.21 and below, versions 6.0.11 and below and TIBCO Product and Service Catalog powered by TIBCO EBX: versions 1.2.0 and below.

EPSS

Процентиль: 69%
0.00599
Низкий

8.7 High

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79