Vulnerability Description
The Application Development Clients component of TIBCO Software Inc.'s TIBCO BPM Enterprise and TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically allows a low privileged attacker with network access to execute a Cross Site Scripting (XSS) attack on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO BPM Enterprise: versions 4.3.0 and below and TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric: versions 4.3.0 and below.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tibco | Bpm Enterprise | <= 4.3.0 |
| Tibco | Bpm Enterprise Distribution For Silver Fabric | <= 4.3.0 |
Related Weaknesses (CWE)
References
- http://www.tibco.com/services/support/advisoriesVendor Advisory
- http://www.tibco.com/services/support/advisoriesVendor Advisory
FAQ
What is CVE-2021-23272?
CVE-2021-23272 is a vulnerability with a CVSS score of 4.6 (MEDIUM). The Application Development Clients component of TIBCO Software Inc.'s TIBCO BPM Enterprise and TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically al...
How severe is CVE-2021-23272?
CVE-2021-23272 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-23272?
Check the references section above for vendor advisories and patch information. Affected products include: Tibco Bpm Enterprise, Tibco Bpm Enterprise Distribution For Silver Fabric.