Unrated severityNVD Advisory· Published Nov 14, 2023· Updated Aug 30, 2024

TIBCO EBX Cross-site Scripting (XXS) Vulnerability

CVE-2023-26222

Description

The Web Application component of TIBCO Software Inc.'s TIBCO EBX and TIBCO Product and Service Catalog powered by TIBCO EBX contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a stored XSS on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.9.22 and below, versions 6.0.13 and below and TIBCO Product and Service Catalog powered by TIBCO EBX: versions 5.0.0 and below.

Affected products

TIBCO Software/TIBCO EBX Add-onscpe-rescue
Range: 0
TIBCO Software Inc./TIBCO Product and Service Catalog powered by TIBCO EBXv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.tibco.com/services/support/advisoriesmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000