CVEs-PoC/2021/CVE-2021-23271.md

### [CVE-2021-23271](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23271)
![](https://img.shields.io/static/v1?label=Product&message=TIBCO%20EBX&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=unspecified%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=The%20impact%20of%20these%20vulnerabilities%20include%20the%20possibility%20that%20an%20attacker%20would%20gain%20full%20administrative%20access%20to%20the%20web%20interface%20of%20the%20affected%20component.&color=brightgreen)

### Description

The TIBCO EBX Web Server component of TIBCO Software Inc.'s TIBCO EBX contains a vulnerability that theoretically allows a low privileged attacker with network access to execute a Stored Cross Site Scripting (XSS) attack on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.9.12 and below.

### POC

#### Reference
- http://www.tibco.com/services/support/advisories

#### Github
No PoCs found on GitHub currently.