CVE Published: 07/03/2019 |
CVE Updated: 16/09/2024 |
CVE Year: 2018 Source: tibco |
Vendor: TIBCO Software Inc. |
Product: TIBCO JasperReports Server Status : PUBLISHED
CVE-2018-18816 Description
The repository component of TIBCO Software Inc.\'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, TIBCO Jaspersoft Reporting and Analytics for AWS contains a persistent cross site scripting vulnerability. Affected releases are TIBCO Software Inc.\'s TIBCO JasperReports Server: versions up to and including 6.3.4; 6.4.0; 6.4.1; 6.4.2; 6.4.3; 7.1.0, TIBCO JasperReports Server Community Edition: versions up to and including 7.1.0, TIBCO JasperReports Server for ActiveMatrix BPM: versions up to and including 6.4.3, TIBCO Jaspersoft for AWS with Multi- Tenancy versions up to and including 7.1.0, and TIBCO Jaspersoft Reporting and Analytics for AWS: versions up to and including 7.1.0.
CWE-ID: CWE Name: The impact of this vulnerability includes the theoretical possibility that a malicious actor could gain full access to the web interface of the affected component. Source: TIBCO Software Inc.
Common Attack Pattern Enumeration and Classification (CAPEC)