CVE-2018-12409
MEDIUMTIBCO Silver Fabric <= 5.8.1 - Reflected Cross-Site Scripting in SOAP Admin API
Title source: llmDescription
The SOAP Admin API component of TIBCO Software Inc.'s TIBCO Silver Fabric contains a vulnerability that may allow reflected cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO Silver Fabric: versions up to and including 5.8.1.
References (3)
Core 3
Core References
Third Party Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/107024
Vendor Advisory x_refsource_misc
http://www.tibco.com/services/support/advisories
Mitigation, Patch, Vendor Advisory x_refsource_confirm
https://www.tibco.com/support/advisories/2019/02/tibco-security-advisory-february-13-2019-tibco-silver-fabric
Scores
CVSS v3
6.1
EPSS
0.0030
EPSS Percentile
53.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (1)
tibco/silver_fabric
< 5.8.1
Published
Feb 13, 2019
Tracked Since
Feb 18, 2026