XSS in Tibco Spotfire_analytics_server
CVE-2011-3132
Cross-site scripting (XSS) vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to inject arbitrary…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.017 (73.9th percentile) — read the EPSS interpretation.
Affected products
- Tibco Spotfire_analytics_server — versions 10.0.0
- Tibco Spotfire_server — versions 3.0.0, 3.0.1, 3.1.0
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)