Cross-Site Scripting Vulnerability in TIBCO iProcess Engine and Workspace
CVE-2011-2020

Currently unrated

Key Information:

Vendor: Tibco
Status: Iprocess Engine
Vendor: CVE Published:; 20 May 2011

What is CVE-2011-2020?

An XSS vulnerability exists in the TIBCO iProcess Engine prior to version 11.1.3 and iProcess Workspace prior to version 11.3.1. This flaw enables remote attackers to inject arbitrary web scripts or HTML code through unspecified vectors, posing a significant risk to the integrity and security of applications relying on these affected products.

References

http://www.tibco.com/services/support/advisories/iprocess...

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/67537

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/47921

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2011
Vulnerability Reserved
May 9, 2011

Tibco

What is CVE-2011-2020?

References

Timeline