Vulnerability Description
The Workspace client component of TIBCO Software Inc.'s TIBCO BPM Enterprise and TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric contains difficult to exploit Reflected Cross Site Scripting (XSS) vulnerabilities that allow low privileged attackers with network access to execute scripts targeting the affected system or the victim's local system. Affected releases are TIBCO Software Inc.'s TIBCO BPM Enterprise: versions 4.3.1 and below and TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric: versions 4.3.1 and below.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tibco | Bpm Enterprise | < 4.3.2 |
| Tibco | Bpm Enterprise Distribution For Silver Fabric | < 4.3.2 |
Related Weaknesses (CWE)
References
- https://www.tibco.com/services/support/advisoriesVendor Advisory
- https://www.tibco.com/support/advisories/2022/05/tibco-security-advisory-may-17-Vendor Advisory
- https://www.tibco.com/services/support/advisoriesVendor Advisory
- https://www.tibco.com/support/advisories/2022/05/tibco-security-advisory-may-17-Vendor Advisory
FAQ
What is CVE-2022-22775?
CVE-2022-22775 is a vulnerability with a CVSS score of 8.1 (HIGH). The Workspace client component of TIBCO Software Inc.'s TIBCO BPM Enterprise and TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric contains difficult to exploit Reflected Cross Site Scripting ...
How severe is CVE-2022-22775?
CVE-2022-22775 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-22775?
Check the references section above for vendor advisories and patch information. Affected products include: Tibco Bpm Enterprise, Tibco Bpm Enterprise Distribution For Silver Fabric.