8 matches found
EUVD-2011-2014
Malware in sbrugna...
EUVD-2020-19670
Malware in sbrugna...
TIBCO iProcess Workspace (Browser) Cross-Site Request Forgery Vulnerability
TIBCO Software TIBCO iProcess Workspace Browser is a software from TIBCO Software that converts iProcess Modeler forms to HTML and then customizes them. A cross-site request forgery vulnerability exists in TIBCO iProcess Workspace Browser version 11.6.0 and prior versions that could allow an...
CVE-2020-27146
The Core component of TIBCO Software Inc.'s TIBCO iProcess Workspace Browser contains a vulnerability that theoretically allows an unauthenticated attacker with network access to execute a Cross Site Request Forgery CSRF attack on the affected system. A successful attack using this vulnerability...
CVE-2020-27146
The CVE-2020-27146 issue affects TIBCO iProcess Workspace (Browser) Core. A CSRF vulnerability could allow an unauthenticated attacker with network access to trigger actions on behalf of an authenticated user, requiring user interaction. Impact is limited to versions 11.6.0 and earlier. The issue...
Session fixation
Session fixation vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to hijack web sessions via unspecified vectors...
CVE-2011-2020
TIBCO iProcess vulnerability CVE-2011-2020 is a cross-site scripting flaw in inbound HTTP request handling. Affects TIBCO iProcess Engine prior to 11.1.3 and iProcess Workspace prior to 11.3.1, where an attacker could inject arbitrary web script/HTML. The advisory states affected components inclu...
CVE-2011-2021
CVE-2011-2021 covers a session-fixation vulnerability in TIBCO iProcess components (Engine before 11.1.3 and Workspace before 11.3.1). The issue can allow remote attackers to hijack web sessions via unspecified vectors by manipulating inbound HTTP session handling. Affected components include TIB...