CVE-2021-35493 TIBCO WebFOCUS Cross Site Scripting vulnerabilities

🗓️ 14 Sep 2021 17:20:10Reported by tibcoType

TIBCO WebFOCUS XSS vulnerabilities in Reporting Server and Client component

Reporter	Title	Published	Views	Family All 8
IBM Security Bulletins	Security Bulletin: IBM Db2 Web Query for i is vulnerable to denial of service in Apache Commons Compress (CVE-2021-36090), arbitrary code execution in Apache Log4j (CVE-2021-44832), and cross-site scripting in TIBCO WebFOCUS (CVE-2021-35493)	30 Mar 202214:28	–	ibm
Circl	CVE-2021-35493	14 Sep 202122:23	–	circl
CNNVD	TIBCO WebFOCUS 跨站脚本漏洞	14 Sep 202100:00	–	cnnvd
CVE	CVE-2021-35493	14 Sep 202117:20	–	cve
EUVD	EUVD-2021-22135	7 Oct 202500:30	–	euvd
NVD	CVE-2021-35493	14 Sep 202118:15	–	nvd
OSV	CVE-2021-35493	14 Sep 202118:15	–	osv
Prion	Cross site scripting	14 Sep 202118:15	–	prion

[
  {
    "product": "TIBCO WebFOCUS Client",
    "vendor": "TIBCO Software Inc.",
    "versions": [
      {
        "lessThanOrEqual": "8207.27.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "TIBCO WebFOCUS Installer",
    "vendor": "TIBCO Software Inc.",
    "versions": [
      {
        "lessThanOrEqual": "8207.27.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "TIBCO WebFOCUS Reporting Server",
    "vendor": "TIBCO Software Inc.",
    "versions": [
      {
        "lessThanOrEqual": "8207.27.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
tibco	www.tibco.com/support/advisories/2021/09/tibco-security-advisory-september-14-2021-tibco-webfocus-2021-35493
tibco	www.tibco.com/services/support/advisories

14 Sep 2021 18:06Current

8.4High risk

Vulners AI Score8.4

CVSS 3.19

EPSS0.00576