exploitDog

CVE-2023-26214

Опубликовано: 22 фев. 2023

Источник: nvd

CVSS3: 7.3

CVSS3: 5.4

EPSS Низкий

Описание

The BusinessConnect UI component of TIBCO Software Inc.'s TIBCO BusinessConnect contains easily exploitable Reflected Cross Site Scripting (XSS) vulnerabilities that allow a low privileged attacker with network access to execute scripts targeting the affected system or the victim's local system. Affected releases are TIBCO Software Inc.'s TIBCO BusinessConnect: versions 7.3.0 and below.

Ссылки

https://www.tibco.com/services/support/advisories
Vendor Advisory
https://www.tibco.com/services/support/advisories
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:tibco:businessconnect:*:*:*:*:-:*:*:*

Версия до 7.3.1 (исключая)

EPSS

Процентиль: 69%

0.00599

Низкий

7.3 High

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-88fg-35x5-9f8p

CVSS3: 5.4

github

почти 3 года назад

The BusinessConnect UI component of TIBCO Software Inc.'s TIBCO BusinessConnect contains easily exploitable Reflected Cross Site Scripting (XSS) vulnerabilities that allow a low privileged attacker with network access to execute scripts targeting the affected system or the victim's local system. Affected releases are TIBCO Software Inc.'s TIBCO BusinessConnect: versions 7.3.0 and below.

EPSS

Процентиль: 69%

0.00599

Низкий

7.3 High

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79