Unrated severityNVD Advisory· Published Feb 22, 2023· Updated Aug 3, 2024

TIBCO EBX Cross Site Scripting (XSS) Vulnerability

CVE-2022-41565

Description

The Web Application component of TIBCO Software Inc.'s TIBCO EBX and TIBCO Product and Service Catalog powered by TIBCO EBX contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a stored XSS on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.9.21 and below, versions 6.0.11 and below and TIBCO Product and Service Catalog powered by TIBCO EBX: versions 1.2.0 and below.

Affected products

TIBCO Software/TIBCO EBX Add-onscpe-rescue
Range: unspecified
TIBCO Software Inc./TIBCO Product and Service Catalog powered by TIBCO EBXv5
Range: unspecified

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.tibco.com/services/support/advisoriesmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000