PT-2011-3110 · Tibco · Tibbr+1

Published

2011-03-22

Updated

2017-08-17

CVE-2011-1414

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions TIBCO tibbr versions 1.0.0 through 1.5.0 TIBCO tibbr Service versions 1.0.0 through 1.5.0

Description A cross-site scripting (XSS) issue exists in the tibbr web server, allowing remote attackers to inject arbitrary web script or HTML. This could potentially lead to unauthorized actions on the web application.

Recommendations For TIBCO tibbr versions 1.0.0 through 1.5.0, update to a version that contains a fix for this issue. For TIBCO tibbr Service versions 1.0.0 through 1.5.0, update to a version that contains a fix for this issue. As a temporary workaround, consider restricting access to the tibbr web server to minimize the risk of exploitation.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2011-1414

Affected Products

Tibbr

Tibbr Service

PT-2011-3110 · Tibco · Tibbr+1

CVE-2011-1414

Weakness Enumeration

Related Identifiers

Affected Products

References · 9