{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T21:51:06.151","vulnerabilities":[{"cve":{"id":"CVE-2023-26222","sourceIdentifier":"security@tibco.com","published":"2023-11-14T20:15:07.517","lastModified":"2024-11-21T07:50:56.850","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Web Application component of TIBCO Software Inc.'s TIBCO EBX and TIBCO Product and Service Catalog powered by TIBCO EBX contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a stored XSS on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.9.22 and below, versions 6.0.13 and below and TIBCO Product and Service Catalog powered by TIBCO EBX: versions 5.0.0 and below.\n\n"},{"lang":"es","value":"El componente Web Application de TIBCO Software Inc. TIBCO EBX y TIBCO Product and Service Catalog con tecnología TIBCO EBX contiene una vulnerabilidad fácilmente explotable que permite a un atacante con pocos privilegios y acceso a la red ejecutar un XSS almacenado en el sistema afectado. Los productos afectados son TIBCO EBX de TIBCO Software Inc.: versiones 5.9.22 y anteriores, versiones 6.0.13 y siguientes y TIBCO Product and Service Catalog con tecnología TIBCO EBX: versiones 5.0.0 y siguientes."}],"metrics":{"cvssMetricV31":[{"source":"security@tibco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":5.8},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tibco:ebx:*:*:*:*:*:*:*:*","versionEndIncluding":"5.0.0","matchCriteriaId":"FBEE6A78-3EEB-46E0-9002-EFBC59852828"},{"vulnerable":true,"criteria":"cpe:2.3:a:tibco:ebx:*:*:*:*:*:*:*:*","versionStartIncluding":"5.1.1","versionEndExcluding":"5.9.23","matchCriteriaId":"3B525D42-7A21-4A4C-AD00-D13256623927"},{"vulnerable":true,"criteria":"cpe:2.3:a:tibco:ebx:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndExcluding":"6.0.14","matchCriteriaId":"E4217A0B-6B58-4C68-917D-58571CD8CB01"}]}]}],"references":[{"url":"https://www.tibco.com/services/support/advisories","source":"security@tibco.com","tags":["Vendor Advisory"]},{"url":"https://www.tibco.com/services/support/advisories","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}