漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
TIBCO Active Matrix Service Grid Administrator With Multiple Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities
Vulnerability Description
The administrator web interface of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, TIBCO ActiveMatrix Policy Director, TIBCO ActiveMatrix Service Bus, TIBCO ActiveMatrix Service Grid, TIBCO Silver Fabric Enabler for ActiveMatrix BPM, and TIBCO Silver Fabric Enabler for ActiveMatrix Service Grid contains multiple vulnerabilities that may allow for cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. Affected releases are TIBCO Software Inc.'s TIBCO ActiveMatrix BPM: versions up to and including 4.2.0, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric: versions up to and including 4.2.0, TIBCO ActiveMatrix Policy Director: versions up to and including 1.1.0, TIBCO ActiveMatrix Service Bus: versions up to and including 3.3.0, TIBCO ActiveMatrix Service Grid: versions up to and including 3.3.1, TIBCO Silver Fabric Enabler for ActiveMatrix BPM: versions up to and including 1.4.1, and TIBCO Silver Fabric Enabler for ActiveMatrix Service Grid: versions up to and including 1.3.1.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TIBCO Software TIBCO ActiveMatrix BPM 跨站脚本漏洞
Vulnerability Description
TIBCO Software ActiveMatrix BPM是美国TIBCO Software公司的一套数字化转型的业务流程管理系统。该系统提供流程自动化、内置业务流程模型、人力资源管理、预测操作仪表板等功能。 多款TIBCO产品中的管理Web界面存在跨站脚本漏洞。攻击者可利用该漏洞获取Web界面功能的全部权限。以下产品和版本受到影响:TIBCO ActiveMatrix BPM 4.2.0及之前版本;TIBCO ActiveMatrix BPM Distribution for TIBCO Silve
CVSS Information
N/A
Vulnerability Type
N/A