CVE-2011-2020 Information

Description

Cross-site scripting (XSS) vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Reference

http://osvdb.org/72553 http://secunia.com/advisories/44639 http://www.securityfocus.com/bid/47921 http://www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt http://www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp http://www.vupen.com/english/advisories/2011/1272 https://exchange.xforce.ibmcloud.com/vulnerabilities/67537