cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-26222,https://securityvulnerability.io/vulnerability/CVE-2023-26222,TIBCO EBX Cross-site Scripting (XXS) Vulnerability,"The Web Application component of TIBCO EBX and the TIBCO Product and Service Catalog is susceptible to a stored Cross-Site Scripting (XSS) vulnerability. This issue allows low-privileged attackers with network access to inject malicious scripts, which can be executed by users accessing the affected applications. This vulnerability impacts versions of TIBCO EBX up to 5.9.22 and 6.0.13, as well as the TIBCO Product and Service Catalog versions up to 5.0.0, creating potential risks for data integrity and user security.",Tibco,"Tibco Ebx,Tibco Product And Service Catalog Powered By Tibco Ebx",8.7,HIGH,0.0005300000193528831,false,,false,false,false,,,false,false,,2023-11-14T20:15:00.000Z,0
CVE-2023-26217,https://securityvulnerability.io/vulnerability/CVE-2023-26217,TIBCO EBX Add-ons SQL Injection Vulnerability,"The Data Exchange Add-on component of TIBCO EBX Add-ons is vulnerable to SQL injection, allowing low privileged users with import permissions and network access to execute arbitrary SQL commands on the server. This poses a significant security risk, as unauthorized SQL execution can lead to data breaches, data manipulation, and potential system compromise for the affected versions.",Tibco,Tibco Ebx Add-ons,8.8,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2023-07-19T21:15:00.000Z,0
CVE-2023-26215,https://securityvulnerability.io/vulnerability/CVE-2023-26215,TIBCO EBX® Add-ons Path Traversal,"The server component of TIBCO EBX Add-ons by TIBCO Software Inc. contains a weakness that enables attackers with minimal application privileges to access and read sensitive system files that are within the reach of the web server. This vulnerability affects versions 4.5.16 and earlier, posing a risk of unauthorized information disclosure, which could lead to further exploitation if sensitive data is disclosed.",Tibco,Tibco Ebx Add-ons,6.5,MEDIUM,0.0005200000014156103,false,,false,false,false,,,false,false,,2023-05-25T19:15:00.000Z,0
CVE-2023-26216,https://securityvulnerability.io/vulnerability/CVE-2023-26216,TIBCO EBX Add-ons Arbitrary File Write,"The server component of TIBCO Software Inc.'s TIBCO EBX Add-ons is affected by a file upload vulnerability, permitting unauthorized attackers to upload files to a directory that is accessible by the web server. This flaw is present in TIBCO EBX Add-ons versions 4.5.16 and earlier, allowing for potential exploitation that can lead to more severe security incidents.",Tibco,Tibco Ebx Add-ons,9.1,CRITICAL,0.0009399999980814755,false,,false,false,false,,,false,false,,2023-05-25T19:15:00.000Z,0
CVE-2022-41566,https://securityvulnerability.io/vulnerability/CVE-2022-41566,TIBCO EBX Add-ons Cross Site Scripting (XSS) Vulnerability,"The server component of TIBCO EBX Add-ons has a vulnerability that enables low privileged attackers with network access to execute stored Cross-Site Scripting (XSS) attacks on the vulnerable system. This flaw is particularly concerning in versions 5.6.0 and earlier, as it allows for unauthorized script execution, potentially compromising user data and overall system integrity. Mitigation involves updating to patched versions and implementing stringent security measures to prevent exploitation.",Tibco,Tibco Ebx Add-ons,8.7,HIGH,0.000539999979082495,false,,false,false,false,,,false,false,,2023-02-22T00:00:00.000Z,0
CVE-2022-41565,https://securityvulnerability.io/vulnerability/CVE-2022-41565,TIBCO EBX Cross Site Scripting (XSS) Vulnerability,"A stored cross-site scripting (XSS) vulnerability exists in the Web Application component of TIBCO Software Inc.'s TIBCO EBX and TIBCO Product and Service Catalog. This vulnerability can be exploited by an attacker with low privileges and network access, allowing unauthorized script execution within the affected environment. Immediate attention is required to mitigate the risk associated with versions 5.9.21 and below of TIBCO EBX, versions 6.0.11 and below of TIBCO EBX, and versions 1.2.0 and below of the TIBCO Product and Service Catalog.",Tibco,"Tibco Ebx,Tibco Product And Service Catalog Powered By Tibco Ebx",8.7,HIGH,0.000539999979082495,false,,false,false,false,,,false,false,,2023-02-22T00:00:00.000Z,0
CVE-2022-30578,https://securityvulnerability.io/vulnerability/CVE-2022-30578,TIBCO EBX Add-ons Stored XSS vulnerability,The Web Server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site Scripting (XSS) on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions 5.4.1 and below.,Tibco,Tibco Ebx Add-ons,8,HIGH,0.00203000009059906,false,,false,false,false,,,false,false,,2022-09-21T00:00:00.000Z,0
CVE-2022-30577,https://securityvulnerability.io/vulnerability/CVE-2022-30577,TIBCO EBX Stored XSS vulnerability,The Web Server component of TIBCO Software Inc.'s TIBCO EBX contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site Scripting (XSS) on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 6.0.0 through 6.0.8.,Tibco,Tibco Ebx,8,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2022-09-21T00:00:00.000Z,0
CVE-2022-22769,https://securityvulnerability.io/vulnerability/CVE-2022-22769,TIBCO EBX vulnerabilities,"The Web server component of TIBCO Software Inc.'s TIBCO EBX, TIBCO EBX, TIBCO EBX, TIBCO EBX Add-ons, TIBCO EBX Add-ons, TIBCO EBX Add-ons, and TIBCO Product and Service Catalog powered by TIBCO EBX contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site Scripting (XSS) on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.8.124 and below, TIBCO EBX: versions 5.9.3, 5.9.4, 5.9.5, 5.9.6, 5.9.7, 5.9.8, 5.9.9, 5.9.10, 5.9.11, 5.9.12, 5.9.13, 5.9.14, and 5.9.15, TIBCO EBX: versions 6.0.0, 6.0.1, 6.0.2, and 6.0.3, TIBCO EBX Add-ons: versions 3.20.18 and below, TIBCO EBX Add-ons: versions 4.1.0, 4.2.0, 4.2.1, 4.2.2, 4.3.0, 4.3.1, 4.3.2, 4.3.3, 4.3.4, 4.4.0, 4.4.1, 4.4.2, 4.4.3, 4.5.0, 4.5.1, 4.5.2, 4.5.3, 4.5.4, 4.5.5, and 4.5.6, TIBCO EBX Add-ons: versions 5.0.0, 5.0.1, 5.1.0, 5.1.1, and 5.2.0, and TIBCO Product and Service Catalog powered by TIBCO EBX: versions 1.1.0 and below.",Tibco,"Tibco Ebx,Tibco Ebx Add-ons,Tibco Product And Service Catalog Powered By Tibco Ebx",8,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2022-01-19T00:00:00.000Z,0
CVE-2021-35498,https://securityvulnerability.io/vulnerability/CVE-2021-35498,TIBCO EBX Insecure Login Mechanism,"The TIBCO EBX Web Server component of TIBCO Software Inc.'s TIBCO EBX, TIBCO EBX, TIBCO EBX, and TIBCO Product and Service Catalog powered by TIBCO EBX contains a vulnerability that under certain specific conditions allows an attacker to enter a password other than the legitimate password and it will be accepted as valid. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.8.123 and below, TIBCO EBX: versions 5.9.3, 5.9.4, 5.9.5, 5.9.6, 5.9.7, 5.9.8, 5.9.9, 5.9.10, 5.9.11, 5.9.12, 5.9.13, and 5.9.14, TIBCO EBX: versions 6.0.0 and 6.0.1, and TIBCO Product and Service Catalog powered by TIBCO EBX: version 1.0.0.",Tibco,"Tibco Ebx,Tibco Product And Service Catalog Powered By Tibco Ebx",9.8,CRITICAL,0.0024399999529123306,false,,false,false,false,,,false,false,,2021-10-13T00:00:00.000Z,0
CVE-2021-23271,https://securityvulnerability.io/vulnerability/CVE-2021-23271,TIBCO EBX Cross Site Scripting (XSS),The TIBCO EBX Web Server component of TIBCO Software Inc.'s TIBCO EBX contains a vulnerability that theoretically allows a low privileged attacker with network access to execute a Stored Cross Site Scripting (XSS) attack on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.9.12 and below.,Tibco,Tibco Ebx,8,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2021-02-02T00:00:00.000Z,0
CVE-2020-27148,https://securityvulnerability.io/vulnerability/CVE-2020-27148,TIBCO EBX EXML External Entity,"The TIBCO EBX Add-on for Oracle Hyperion EPM, TIBCO EBX Data Exchange Add-on, and TIBCO EBX Insight Add-on components of TIBCO Software Inc.'s TIBCO EBX Add-ons contain a vulnerability that theoretically allows a low privileged attacker with network access to execute an XML External Entity (XXE) attack. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions 4.4.2 and below.",Tibco,Tibco Ebx Add-ons,7.1,HIGH,0.001449999981559813,false,,false,false,false,,,false,false,,2021-01-12T00:00:00.000Z,0
CVE-2019-17333,https://securityvulnerability.io/vulnerability/CVE-2019-17333,TIBCO EBX Exposes Cross-Site Scripting Vulnerability,"The Web server component of TIBCO Software Inc.'s TIBCO EBX contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.8.1.fixS and below, versions 5.9.3, 5.9.4, 5.9.5, 5.9.6, and 5.9.7.",Tibco,Tibco Ebx,8,HIGH,0.000539999979082495,false,,false,false,false,,,false,false,,2020-02-19T00:00:00.000Z,0
CVE-2019-17330,https://securityvulnerability.io/vulnerability/CVE-2019-17330,TIBCO EBX Exposes Multiple Cross-Site Scripting Vulnerabilities,"The Web server component of TIBCO Software Inc.'s TIBCO EBX contains multiple vulnerabilities that theoretically allow authenticated users to perform stored cross-site scripting (XSS) attacks, and unauthenticated users to perform reflected cross-site scripting attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions up to and including 5.8.1.fixR, versions 5.9.3, 5.9.4, 5.9.5, and 5.9.6.",Tibco,Tibco Ebx,8.8,HIGH,0.0017999999690800905,false,,false,false,false,,,false,false,,2019-11-12T00:00:00.000Z,0
CVE-2019-17331,https://securityvulnerability.io/vulnerability/CVE-2019-17331,TIBCO EBX Add-on For Data Exchange Cross-Site Scripting Vulnerabilities,"The Data Exchange Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions up to and including 3.20.13, version 4.1.0.",Tibco,Tibco Ebx Add-ons,7.3,HIGH,0.000539999979082495,false,,false,false,false,,,false,false,,2019-11-12T00:00:00.000Z,0
CVE-2019-17332,https://securityvulnerability.io/vulnerability/CVE-2019-17332,TIBCO EBX Add-on For Digital Asset Manager Cross-Site Scripting Vulnerabilities,"The Digital Asset Manager Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions up to and including 3.20.13, versions 4.1.0, 4.2.0, 4.2.1, and 4.2.2.",Tibco,Tibco Ebx Add-ons,7.3,HIGH,0.000539999979082495,false,,false,false,false,,,false,false,,2019-11-12T00:00:00.000Z,0