Unrated severityNVD Advisory· Published Jan 26, 2021· Updated Sep 16, 2024
TIBCO BPM Cross Site Scripting (XSS)
CVE-2021-23272
Description
The Application Development Clients component of TIBCO Software Inc.'s TIBCO BPM Enterprise and TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically allows a low privileged attacker with network access to execute a Cross Site Scripting (XSS) attack on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO BPM Enterprise: versions 4.3.0 and below and TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric: versions 4.3.0 and below.
Affected products
3- Range: <=4.3.0
<=4.3.0+ 1 more
- (no CPE)range: <=4.3.0
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
1- www.tibco.com/services/support/advisoriesmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.