Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2017-5528HistoryJun 29, 2017 - 2:29 p.m.
CVE-2017-5528
2017-06-2914:29:00
Debian Security Bug Tracker
security-tracker.debian.org
5
0.001 Low
EPSS
Percentile
32.6%
Multiple JasperReports Server components contain vulnerabilities which may allow authorized users to perform cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. The impact of this vulnerability includes the theoretical disclosure of sensitive information. Affects TIBCO JasperReports Server (versions 6.1.1 and below, 6.2.0, 6.2.1, and 6.3.0), TIBCO JasperReports Server Community Edition (versions 6.3.0 and below), TIBCO JasperReports Server for ActiveMatrix BPM (versions 6.2.0 and below), TIBCO Jaspersoft for AWS with Multi-Tenancy (versions 6.2.0 and below), and TIBCO Jaspersoft Reporting and Analytics for AWS (versions 6.2.0 and below).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | jasperreports | <= 6.2.2-3 | jasperreports_6.2.2-3_all.deb |
Related
cve
cve
CVE-2017-5528
2017-06-29 14:29:00
nessus
nessus
RHEL 7 : jasperrreports (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 7 : jasperreports-server-pro (Unpatched Vulnerability)
2024-06-03 00:00:00
cvelist
cvelist
CVE-2017-5528 TIBCO JasperReports Server cross-site vulnerabilities
2017-06-28 00:00:00
prion
prion
Cross site request forgery (csrf)
2017-06-29 14:29:00
redhatcve
redhatcve
CVE-2017-5528
2017-07-24 10:48:35
ubuntucve
ubuntucve
CVE-2017-5528
2017-06-29 00:00:00
nvd
nvd
CVE-2017-5528
2017-06-29 14:29:00
openvas
openvas
TIBCO JasperReports < 6.4.0 Multiple Vulnerabilities
2017-07-05 00:00:00