TIBCO Statistica Reflected Cross Site Scripting (XSS) Vulnerability
CVE-2022-30575

7.3HIGH

Key Information:

Vendor

Tibco
Status
Tibco Data Science - Workbench
Tibco Statistica
Tibco Statistica - Estore Edition
Tibco Statistica Trial
Vendor
CVE Published:
16 August 2022

What is CVE-2022-30575?

The Web Console component of TIBCO Software Inc.'s TIBCO Data Science - Workbench, TIBCO Statistica, TIBCO Statistica - Estore Edition, and TIBCO Statistica Trial contains easily exploitable Reflected Cross Site Scripting (XSS) vulnerabilities that allow a low privileged attacker with network access to execute scripts targeting the affected system or the victim's local system. Affected releases are TIBCO Software Inc.'s TIBCO Data Science - Workbench: versions 14.0.0 and below, TIBCO Statistica: versions 14.0.0 and below, TIBCO Statistica - Estore Edition: versions 14.0.0 and below, and TIBCO Statistica Trial: versions 14.0.0 and below.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

TIBCO Data Science - Workbench <= 14.0.0

TIBCO Statistica <= 14.0.0

TIBCO Statistica - Estore Edition <= 14.0.0

References

https://www.tibco.com/services/support/advisories
x_refsource_CONFIRM
https://www.tibco.com/support/advisories/2022/08/tibco-se...
x_refsource_CONFIRM

CVSS V3.1

Score:
7.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.