Cross-Site Scripting Vulnerability in TIBCO Managed File Transfer Products
CVE-2011-3423

Currently unrated

Key Information:

Vendor: Tibco
Status: Managed File Transfer Command Center; Managed File Transfer Internet Server; Slingshot
Vendor: CVE Published:; 19 September 2011

Summary

An XSS vulnerability exists in the TIBCO Managed File Transfer products allowing remote attackers to inject arbitrary web scripts or HTML through unspecified vectors. This can lead to unauthorized access to sensitive data or the execution of malicious scripts in the context of the user's browser. It is crucial for users to ensure their systems are up-to-date to mitigate this risk.

References

http://secunia.com/advisories/45976

third-party-advisoryx_refsource_SECUNIA

http://www.tibco.com/services/support/advisories/mft-slin...

x_refsource_CONFIRM

http://www.tibco.com/multimedia/mft-slingshot_advisory_20...

x_refsource_CONFIRM

Timeline

Vulnerability published
Sep 19, 2011
Vulnerability Reserved
Sep 12, 2011