CVE-2022-30577
Summary
| CVE | CVE-2022-30577 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-09-21 18:15:00 UTC |
| Updated | 2022-09-22 19:31:00 UTC |
| Description | The Web Server component of TIBCO Software Inc.'s TIBCO EBX contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site Scripting (XSS) on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 6.0.0 through 6.0.8. |
Risk And Classification
Problem Types: CWE-79
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| TIBCO Security Advisory: September 21, 2022 - TIBCO EBX - CVE-2022-30577 | TIBCO Software | CONFIRM | www.tibco.com | |
| Advisory | TIBCO Software | CONFIRM | www.tibco.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
LEGACY: TIBCO would like to extend its appreciation to Javier Sánchez Ávila of Entelgy Innotec Security for discovery of this vulnerability.
There are currently no legacy QID mappings associated with this CVE.