The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a vulnerability that theoretically allows an attacker to perform a reflected cross-site scripting (XSS) attack. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace: version 10.6.0 and TIBCO Spotfire Server: versions 7.11.7 and below, versions 7.12.0, 7.13.0, 7.14.0, 10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1, 10.3.0, 10.3.1, 10.3.2, 10.3.3, and 10.3.4, versions 10.4.0, 10.5.0, and 10.6.0.
2019-12-17T21:15:12.507
2024-11-21T04:32:06.877
Modified
CVSSv3.1: 5.4 (MEDIUM)
AV:N/AC:M/Au:N/C:N/I:P/A:N
8.6
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | tibco | spotfire_analytics_platform_for_aws | 10.6.0 | Yes |
| Application | tibco | spotfire_server | ≤ 7.11.7 | Yes |
| Application | tibco | spotfire_server | 7.12.0 | Yes |
| Application | tibco | spotfire_server | 7.13.0 | Yes |
| Application | tibco | spotfire_server | 7.14.0 | Yes |
| Application | tibco | spotfire_server | 10.0.0 | Yes |
| Application | tibco | spotfire_server | 10.0.1 | Yes |
| Application | tibco | spotfire_server | 10.1.0 | Yes |
| Application | tibco | spotfire_server | 10.2.0 | Yes |
| Application | tibco | spotfire_server | 10.2.1 | Yes |
| Application | tibco | spotfire_server | 10.3.0 | Yes |
| Application | tibco | spotfire_server | 10.3.1 | Yes |
| Application | tibco | spotfire_server | 10.3.2 | Yes |
| Application | tibco | spotfire_server | 10.3.3 | Yes |
| Application | tibco | spotfire_server | 10.3.4 | Yes |
| Application | tibco | spotfire_server | 10.4.0 | Yes |
| Application | tibco | spotfire_server | 10.5.0 | Yes |
| Application | tibco | spotfire_server | 10.6.0 | Yes |