CVE-2023-26220

CVSS V2 None CVSS V3 None
Description
The Spotfire Library component of TIBCO Software Inc.'s Spotfire Analyst and Spotfire Server contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a Stored Cross Site Scripting (XSS) on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s Spotfire Analyst: versions 11.4.7 and below, versions 11.5.0, 11.6.0, 11.7.0, 11.8.0, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and 12.0.4, versions 12.1.0 and 12.1.1 and Spotfire Server: versions 11.4.11 and below, versions 11.5.0, 11.6.0, 11.6.1, 11.6.2, 11.6.3, 11.7.0, 11.8.0, 11.8.1, 12.0.0, 12.0.1, 12.0.2, 12.0.3, 12.0.4, and 12.0.5, versions 12.1.0 and 12.1.1.
Overview
  • CVE ID
  • CVE-2023-26220
  • Assigner
  • tibco
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-10-10T22:06:36.002Z
  • Last Modified Date
  • 2023-10-10T22:06:36.002Z
References
History
Created Old Value New Value Data Type Notes
2024-06-24 23:14:08 Added to TrackCVE