Cross-Site Scripting Vulnerability in TIBCO Spotfire Server
CVE-2011-3132

Currently unrated

Key Information:

Vendor: Tibco
Status: Spotfire Server; Spotfire Analytics Server
Vendor: CVE Published:; 2 September 2011

Summary

A Cross-Site Scripting (XSS) vulnerability exists in multiple versions of TIBCO Spotfire Server and Spotfire Analytics Server, allowing remote attackers to inject arbitrary web scripts or HTML. This could lead to unauthorized actions or data exposure when users interact with the affected application. It is crucial for users to apply relevant updates to mitigate potential risks associated with this vulnerability.

References

http://www.tibco.com/services/support/advisories/default.jsp

x_refsource_CONFIRM

http://www.securitytracker.com/id?1025999

vdb-entryx_refsource_SECTRACK

http://secunia.com/advisories/45864

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Sep 2, 2011
Vulnerability Reserved
Aug 11, 2011