CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-17339 – TIBCO Silver Fabric XSS vulerability
https://notcve.org/view.php?id=CVE-2019-17339
The VirtualRouter component of TIBCO Software Inc.'s TIBCO Silver Fabric contains a vulnerability that theoretically allows an attacker to inject scripts via URLs. The attacker could theoretically social engineer an authenticated user into submitting the URL, thus executing the script on the affected system with the privileges of the user. Affected releases are TIBCO Software Inc.'s TIBCO Silver Fabric: versions 6.0.0 and below. • http://www.tibco.com/services/support/advisories •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-12409
https://notcve.org/view.php?id=CVE-2018-12409
The SOAP Admin API component of TIBCO Software Inc.'s TIBCO Silver Fabric contains a vulnerability that may allow reflected cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO Silver Fabric: versions up to and including 5.8.1. El componente de la API de TIBCO Silver Fabric, de TIBCO Software Inc., contiene una vulnerabilidad que podría permitir ataques de Cross-Site Scripting (XSS) reflejado. • http://www.securityfocus.com/bid/107024 http://www.tibco.com/services/support/advisories https://www.tibco.com/support/advisories/2019/02/tibco-security-advisory-february-13-2019-tibco-silver-fabric • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •