Vulnerabilities (CVE)

Filtered by vendor Tibco Subscribe
Filtered by product Tibbr
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-5534 1 Tibco 1 Tibbr 2024-11-21 9.0 HIGH 8.8 HIGH
The tibbr user profiles components of tibbr Community, and tibbr Enterprise expose a weakness in an improperly sandboxed third-party component. Affected releases are TIBCO Software Inc. tibbr Community 5.2.1 and below; 6.0.0; 6.0.1; 7.0.0, tibbr Enterprise 5.2.1 and below; 6.0.0; 6.0.1; 7.0.0.
CVE-2017-5530 1 Tibco 1 Tibbr 2024-11-21 5.5 MEDIUM 8.1 HIGH
The tibbr web server components of tibbr Community, and tibbr Enterprise contain SAML protocol handling errors which may allow authorized users to impersonate other users, and therefore escalate their access privileges. Affected releases are tibbr Community 5.2.1 and below; 6.0.0; 6.0.1; 7.0.0, tibbr Enterprise 5.2.1 and below; 6.0.0; 6.0.1; 7.0.0.
CVE-2011-1414 1 Tibco 2 Tibbr, Tibbr Service 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the tibbr web server, as used in TIBCO tibbr 1.0.0 through 1.5.0 and tibbr Service 1.0.0 through 1.5.0, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.