CVE-2023-26220 Information
Description
The Spotfire Library component of TIBCO Software Inc.’s Spotfire Analyst and Spotfire Server contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a Stored Cross Site Scripting (XSS) on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.’s Spotfire Analyst: versions 11.4.7 and below versions 11.5.0 11.6.0 11.7.0 11.8.0 12.0.0 12.0.1 12.0.2 12.0.3 and 12.0.4 versions 12.1.0 and 12.1.1 and Spotfire Server: versions 11.4.11 and below versions 11.5.0 11.6.0 11.6.1 11.6.2 11.6.3 11.7.0 11.8.0 11.8.1 12.0.0 12.0.1 12.0.2 12.0.3 12.0.4 and 12.0.5 versions 12.1.0 and 12.1.1.
Reference
https://www.tibco.com/services/support/advisories
Share on: