Cross-site Scripting Vulnerability in TIBCO Collaborative Information Manager and ActiveCatalog
CVE-2010-4497

Currently unrated

Key Information:

Vendor: Tibco
Status: Collaborative Information Manager; Activecatalog
Vendor: CVE Published:; 7 January 2011

Summary

A Cross-site Scripting (XSS) vulnerability exists in the TIBCO Collaborative Information Manager and ActiveCatalog, allowing remote attackers to inject arbitrary web scripts or HTML code. This vulnerability can be exploited through various unspecified vectors, potentially compromising the integrity of the affected systems and user sessions.

References

http://www.securityfocus.com/bid/45691

vdb-entryx_refsource_BID

http://secunia.com/advisories/42791

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2011/0037

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Jan 7, 2011
Vulnerability Reserved
Dec 7, 2010