CVE-2019-17330

Name of the Vulnerable Software and Affected Versions TIBCO EBX versions up to and including 5.8.1.fixR TIBCO EBX versions 5.9.3, 5.9.4, 5.9.5, 5.9.6

Description The Web server component of TIBCO Software Inc.'s TIBCO EBX contains multiple vulnerabilities that allow authenticated users to perform stored cross-site scripting (XSS) attacks, and unauthenticated users to perform reflected cross-site scripting attacks.

Recommendations For TIBCO EBX versions up to and including 5.8.1.fixR, update to a version later than 5.8.1.fixR to resolve the issue. For TIBCO EBX versions 5.9.3, 5.9.4, 5.9.5, 5.9.6, update to a version later than these to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.