The Data Exchange Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions up to and including 3.20.13, version 4.1.0.
References
Link | Resource |
---|---|
http://www.tibco.com/services/support/advisories | Vendor Advisory |
https://www.tibco.com/support/advisories/2019/11/tibco-security-advisory-november-12-2019-tibco-ebx-add-on-2019-17331 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2019-11-12 12:15
Updated : 2019-11-14 19:03
NVD link : CVE-2019-17331
Mitre link : CVE-2019-17331
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
tibco
- ebx_add-ons