The Web Server component of TIBCO Software Inc.'s TIBCO BusinessConnect Trading Community Management contains easily exploitable vulnerabilities that allows a low privileged attacker with network access to execute Stored Cross Site Scripting (XSS) on the affected system. A successful attack using these vulnerabilities requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO BusinessConnect Trading Community Management: versions 6.1.0 and below.
References
Link | Resource |
---|---|
https://www.tibco.com/services/support/advisories | Vendor Advisory |
https://www.tibco.com/support/advisories/2022/05/tibco-security-advisory-may-18-2022-tibco-bctcm-cve-2022-22776 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: tibco
Published: 2022-05-18T00:00:00
Updated: 2022-05-18T17:06:17
Reserved: 2022-01-07T00:00:00
Link: CVE-2022-22776
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-05-18T17:15:08.473
Modified: 2022-05-31T13:18:34.143
Link: CVE-2022-22776
JSON object: View
Redhat Information
No data.
CWE