CVE-2022-30571
TIBCO iWay Service Manager Reflected Cross Site Scripting (XSS) Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The iWay Service Manager Console component of TIBCO Software Inc.'s TIBCO iWay Service Manager contains easily exploitable Reflected Cross Site Scripting (XSS) vulnerabilities that allow a low privileged attacker with network access to execute scripts targeting the affected system or the victim's local system. Affected releases are TIBCO Software Inc.'s TIBCO iWay Service Manager: versions 8.0.6 and below.
El componente iWay Service Manager Console de TIBCO Software Inc. contiene vulnerabilidades de tipo Cross Site Scripting (XSS) Reflejado fácilmente explotables que permiten a un atacante poco privilegiado y acceso a la red ejecutar scripts dirigidos al sistema afectado o al sistema local de la vĂctima. Las versiones afectadas son TIBCO Software Inc.'s TIBCO iWay Service Manager: versiones 8.0.6 y anteriores
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-05-11 CVE Reserved
- 2022-08-02 CVE Published
- 2024-09-16 CVE Updated
- 2025-08-11 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (2)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Tibco Search vendor "Tibco" | Iway Service Manager Search vendor "Tibco" for product "Iway Service Manager" | < 8.0.7 Search vendor "Tibco" for product "Iway Service Manager" and version " < 8.0.7" | - |
Affected
| ||||||