Cross-Site Scripting Vulnerability in TIBCO Spotfire Web Player
CVE-2013-2372
Currently unrated
Summary
The TIBCO Spotfire Web Player features a vulnerability that allows remote attackers to inject arbitrary web script or HTML into web pages. This occurs due to insufficient input validation, exposing users to potential malicious scripts via unspecified vectors. To protect against exploitation, it is crucial for users to update their installations to patched versions and implement security best practices.
References
Timeline
Vulnerability Reserved
Vulnerability published