CVE-2019-17333

MEDIUM

TIBCO EBX < 5.8.1 - Authenticated Stored Cross-Site Scripting

Title source: llm

Description

The Web server component of TIBCO Software Inc.'s TIBCO EBX contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.8.1.fixS and below, versions 5.9.3, 5.9.4, 5.9.5, 5.9.6, and 5.9.7.

References (2)

Core 2

Core References

Vendor Advisory x_refsource_confirm

http://www.tibco.com/services/support/advisories

Vendor Advisory x_refsource_confirm

https://www.tibco.com/support/advisories/2020/02/tibco-security-advisory-february-19-2020-tibco-ebx

Scores

CVSS v3 5.4

EPSS 0.0040

EPSS Percentile 60.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Details

CWE

CWE-79

Status published

Products (2)

tibco/ebx 5.8.1 (3 CPE variants)

tibco/ebx < 5.8.1

Published Feb 19, 2020

Tracked Since Feb 18, 2026