CVE-2024-10217Cross-site Scripting in Software INC Tibco Hawk

CWE-79Cross-site Scripting3 documents3 sources
Severity
9.2CRITICALNVD
EPSS
0.1%
top 72.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Tibco Software INC Tibco HawkTibco Software INC Tibco Operational Intelligence
Timeline
PublishedNov 12

Description

XSS Attack in mar.jar, Monitoring Archive Utility (MAR Utility), monitoringconsolecommon.jar in TIBCO Software Inc TIBCO Hawk and TIBCO Operational Intelligence

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:N/SC:L/SI:N/SA:H

Affected Packages2 packages

CVEListV5tibco_software_inc/tibco_hawk6.25

🔴Vulnerability Details

2
CVEList
TIBCO Hawk Stored-XSS Vulnerability2024-11-12
GHSA
GHSA-g9wf-hxjw-97mq: XSS Attack in mar2024-11-12
CVE-2024-10217 — Cross-site Scripting | cvebase