CVE-2021-43047

Name of the Vulnerable Software and Affected Versions TIBCO PartnerExpress versions 6.2.1 and below

Description The issue concerns Stored and Reflected Cross Site Scripting (XSS) vulnerabilities in the Interior Server and Gateway Server components. These vulnerabilities can be exploited by a low-privileged attacker to execute scripts targeting the affected system or the victim's local system through social engineering, requiring human interaction from a person other than the attacker.

Recommendations For versions 6.2.1 and below, update to a version above 6.2.1 to resolve the issue.