CVE-2022-22777

Summary

The Web Server component of TIBCO Software Inc.'s TIBCO BusinessConnect Trading Community Management contains easily exploitable Reflected Cross Site Scripting (XSS) vulnerabilities that allow an unauthenticated attacker with network access to execute scripts targeting the affected system or the victim's local system. Affected releases are TIBCO Software Inc.'s TIBCO BusinessConnect Trading Community Management: versions 6.1.0 and below.

Affected Software

VendorProductVersion RangeStatus
TIBCO Software Inc.TIBCO BusinessConnect Trading Community Managementunspecified <= 6.1.0affected

Weaknesses

  • Successful execution of this vulnerability can result in an attacker gaining partial access to the affected system and can result in unauthorized read, update, insert or delete access to a subset of resources.

ADP Enrichment

CVE Program Container

Additional References

References