Unrated severityNVD Advisory· Published Mar 26, 2019· Updated Sep 16, 2024

TIBCO Spotfire Data Science Vulnerable to Persistent Cross-Site Scripting

CVE-2019-8987

Description

The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a persistent cross-site scripting vulnerability that theoretically allows an authenticated user to gain access to all the capabilities of the web interface available to more privileged users. Affected releases are TIBCO Software Inc.'s TIBCO Data Science for AWS: versions up to and including 6.4.0, and TIBCO Spotfire Data Science: versions up to and including 6.4.0.

Affected products

Tibco Software Inc./Tibco Data Science For Awsv5
Range: unspecified

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/107595mitrevdb-entryx_refsource_BID
www.tibco.com/services/support/advisoriesmitrex_refsource_MISC
www.tibco.com/support/advisories/2019/03/tibco-security-advisory-march-26-2019-tibco-spotfire-data-science-2019-8987mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000