CVE-2019-17337

The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a vulnerability that theoretically allows an attacker to perform a reflected cross-site scripting (XSS) attack. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace: version 10.6.0 and TIBCO Spotfire Server: versions 7.11.7 and below, versions 7.12.0, 7.13.0, 7.14.0, 10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1, 10.3.0, 10.3.1, 10.3.2, 10.3.3, and 10.3.4, versions 10.4.0, 10.5.0, and 10.6.0.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:tibco:spotfire_analytics_platform_for_aws:10.6.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_server:*:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_server:7.12.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_server:7.13.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_server:7.14.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_server:10.0.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_server:10.0.1:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_server:10.1.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_server:10.2.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_server:10.2.1:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_server:10.3.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_server:10.3.2:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_server:10.3.3:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_server:10.3.4:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_server:10.4.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_server:10.5.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_server:10.6.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:spotfire_server:10.3.1:*:*:*:*:*:*:*

Information

Published : 2019-12-17 13:15

Updated : 2019-12-20 11:56


NVD link : CVE-2019-17337

Mitre link : CVE-2019-17337


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

tibco

  • spotfire_analytics_platform_for_aws
  • spotfire_server