### [CVE-2024-10218](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10218)
![](https://img.shields.io/static/v1?label=Product&message=TIBCO%20Hawk&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=TIBCO%20Operational%20Intelligence&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=6.2%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.3%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=The%20components%20listed%20above%20contain%20a%20vulnerability%20that%20allows%20the%20author%20of%20a%20malicious%20.mar%20file%20to%20perform%20an%20XEE%20attack&color=brightgreen)

### Description

XSS Attack in mar.jar, Monitoring Archive Utility (MAR Utility), monitoringconsolecommon.jar in TIBCO Software Inc TIBCO Hawk and TIBCO Operational Intelligence

### POC

#### Reference
- https://community.tibco.com/advisories

#### Github
No PoCs found on GitHub currently.