Lucene search

K
TibcoSpotfire Web Player

5 matches found

CVE
CVE
added 2018/07/24 3:29 p.m.40 views

CVE-2017-3180

Multiple TIBCO Products are prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...

5.4CVSS5.9AI score0.0034EPSS
CVE
CVE
added 2013/03/15 10:55 p.m.36 views

CVE-2013-2373

The Engine in TIBCO Spotfire Web Player 3.3.x before 3.3.3, 4.0.x before 4.0.3, 4.5.x before 4.5.1, and 5.0.x before 5.0.1 does not properly implement access control, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors.

6.4CVSS6.4AI score0.00274EPSS
CVE
CVE
added 2015/07/21 7:59 p.m.34 views

CVE-2015-4554

Multiple unspecified vulnerabilities in TIBCO Spotfire Client and Spotfire Web Player Client in Spotfire Analyst before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Analytics Platform for AWS 6.5 and 7.0.x before 7.0.1; Spotfire Automation Services before 5.5.2, 6...

7.5CVSS7.8AI score0.01504EPSS
CVE
CVE
added 2013/03/15 10:55 p.m.30 views

CVE-2013-2372

Cross-site scripting (XSS) vulnerability in the Engine in TIBCO Spotfire Web Player 3.3.x before 3.3.3, 4.0.x before 4.0.3, 4.5.x before 4.5.1, and 5.0.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.8AI score0.00322EPSS
CVE
CVE
added 2014/11/21 2:59 a.m.30 views

CVE-2014-7195

Spotfire Web Player Engine in TIBCO Spotfire Web Player 6.0.x before 6.0.2 and 6.5.x before 6.5.2, Spotfire Deployment Kit 6.0.x before 6.0.2 and 6.5.x before 6.5.2, and Silver Fabric Enabler for Spotfire Web Player before 1.6.1 allows remote authenticated users to obtain sensitive information via ...

4CVSS5.9AI score0.00141EPSS