Vulnerabilities > Tibco > Low

DATE CVE VULNERABILITY TITLE RISK
2019-03-07 CVE-2018-18816 Cross-site Scripting vulnerability in Tibco products
The repository component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, TIBCO Jaspersoft Reporting and Analytics for AWS contains a persistent cross site scripting vulnerability.
network
tibco CWE-79
3.5
3.5
2019-01-16 CVE-2018-18812 Incorrect Permission Assignment for Critical Resource vulnerability in Tibco products
The Spotfire Library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contains a vulnerability that might theoretically fail to restrict users with read-only access from modifying files stored in the Spotfire Library, only when the Spotfire Library is configured to use external storage.
network
tibco CWE-732
3.5
3.5
2018-11-26 CVE-2018-18807 Cross-site Scripting vulnerability in Tibco Statistica Server 13.3.0/13.4.0
The web application of the TIBCO Statistica component of TIBCO Software Inc.'s TIBCO Statistica Server contains vulnerabilities which may allow an authenticated user to perform cross-site scripting (XSS) attacks.
network
tibco CWE-79
3.5
3.5
2018-07-24 CVE-2017-3180 Cross-site Scripting vulnerability in Tibco products
Multiple TIBCO Products are prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
network
tibco CWE-79
3.5
3.5
2018-06-13 CVE-2018-5432 Cross-site Scripting vulnerability in Tibco Administrator
The TIBCO Administrator server component of of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, and TIBCO Administrator - Enterprise Edition for z/Linux contains multiple vulnerabilities wherein a malicious user could theoretically perform cross-site scripting (XSS) attacks by way of manipulating artifacts prior to uploading them.
network
tibco CWE-79
3.5
3.5
2018-05-01 CVE-2017-5536 Cross-site Scripting vulnerability in Tibco Datasynapse Gridserver Manager
The GridServer Broker, and GridServer Director components of TIBCO Software Inc.
network
tibco CWE-79
3.5
3.5
2018-04-17 CVE-2018-5431 Cross-site Scripting vulnerability in Tibco products
The domain designer component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS contains a vulnerability which may allow, in the context of a non-default permissions configuration, persisted cross-site scripting (XSS) attacks.
network
tibco CWE-79
3.5
3.5
2017-12-11 CVE-2017-16789 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in Integration Matters nJAMS 3 before 3.2.0 Hotfix 7, as used in TIBCO BusinessWorks Process Monitor through 3.0.1.3 and other products, allows remote authenticated administrators to inject arbitrary web script or HTML via the users management panel of the web interface. 		3.5
3.5
2017-11-15 CVE-2017-5532 Cross-site Scripting vulnerability in Tibco products
A vulnerability in the report renderer component of TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO JasperReports Library, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, TIBCO Jaspersoft Reporting and Analytics for AWS, TIBCO Jaspersoft Studio, and TIBCO Jaspersoft Studio for ActiveMatrix BPM may allow a subset of authorized users to perform persistent cross-site scripting (XSS) attacks.
network
tibco CWE-79
3.5
3.5
2006-09-11 CVE-2006-4676 Information Disclosure vulnerability in TIBCO Rendezvous Rvrd.DB
TIBCO RendezVous 7.4.11 and earlier logs base64-encoded usernames and passwords in rvrd.db, which allows local users to obtain sensitive information by decoding the log file.
local
high complexity
tibco
1.2
1.2