Vulnerability Details CVE-2019-17332
The Digital Asset Manager Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions up to and including 3.20.13, versions 4.1.0, 4.2.0, 4.2.1, and 4.2.2.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.6%
CVSS Severity
CVSS v3 Score 7.3
CVSS v2 Score 4.3
References
- http://www.tibco.com/services/support/advisories
- https://www.tibco.com/support/advisories/2019/11/tibco-security-advisory-november-12-2019-tibco-ebx-add-on-2019-17332
- http://www.tibco.com/services/support/advisories
- https://www.tibco.com/support/advisories/2019/11/tibco-security-advisory-november-12-2019-tibco-ebx-add-on-2019-17332
Products affected by CVE-2019-17332
-
cpe:2.3:a:tibco:ebx_add-ons:-
-
cpe:2.3:a:tibco:ebx_add-ons:3.20.13
-
cpe:2.3:a:tibco:ebx_add-ons:4.1.0
-
cpe:2.3:a:tibco:ebx_add-ons:4.2.0
-
cpe:2.3:a:tibco:ebx_add-ons:4.2.1
-
cpe:2.3:a:tibco:ebx_add-ons:4.2.2