Vulnerabilities > Tibco > EBX ADD ONS > 5.4.1

DATE CVE VULNERABILITY TITLE RISK
2023-07-19 CVE-2023-26217 SQL Injection vulnerability in Tibco EBX Add-Ons
The Data Exchange Add-on component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an easily exploitable vulnerability that allows a low privileged user with import permissions and network access to the EBX server to execute arbitrary SQL statements on the affected system.
network
low complexity
tibco CWE-89
8.8
8.8
2023-02-22 CVE-2022-41566 Cross-site Scripting vulnerability in Tibco EBX Add-Ons
The server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute stored XSS on the affected system.
network
low complexity
tibco CWE-79
5.4
5.4