PT-2011-4262 · Tibco · Tibco Spotfire Server+1
Publicado
2011-09-02
·
Atualizado
2011-09-23
·
CVE-2011-3132
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
TIBCO Spotfire Server versions 3.0.x through 3.0.1
TIBCO Spotfire Server versions 3.1.x through 3.1.1
TIBCO Spotfire Server versions 3.2.x through 3.2.0
TIBCO Spotfire Server versions 3.3.x through 3.3.0
Spotfire Analytics Server versions prior to 10.1.1
Description
A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Recommendations
For TIBCO Spotfire Server versions 3.0.x through 3.0.1, update to version 3.0.2 or later.
For TIBCO Spotfire Server versions 3.1.x through 3.1.1, update to version 3.1.2 or later.
For TIBCO Spotfire Server versions 3.2.x through 3.2.0, update to version 3.2.1 or later.
For TIBCO Spotfire Server versions 3.3.x through 3.3.0, update to version 3.3.1 or later.
For Spotfire Analytics Server versions prior to 10.1.1, update to version 10.1.1 or later.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Spotfire Analytics Server
Tibco Spotfire Server