Vulnerabilities > Tibco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-18 | CVE-2020-9415 | Unspecified vulnerability in Tibco products The TIBCO Data Virtualization Server component of TIBCO Software Inc.'s TIBCO Data Virtualization and TIBCO Data Virtualization for AWS Marketplace contains a vulnerability that theoretically allows a malicious authenticated user to download any arbitrary file from the affected system. | 6.5 |
| 2020-02-19 | CVE-2019-17333 | Cross-site Scripting vulnerability in Tibco EBX The Web server component of TIBCO Software Inc.'s TIBCO EBX contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. | 5.4 |
| 2020-01-28 | CVE-2019-17338 | Cross-site Scripting vulnerability in Tibco Patterns - Search The user interface component of TIBCO Software Inc.'s TIBCO Patterns - Search contains multiple vulnerabilities that theoretically allow authenticated users to perform persistent cross-site scripting (XSS) attacks. | 5.4 |
| 2019-12-17 | CVE-2019-17337 | Cross-site Scripting vulnerability in Tibco products The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a vulnerability that theoretically allows an attacker to perform a reflected cross-site scripting (XSS) attack. | 5.4 |
| 2019-12-17 | CVE-2019-17336 | Unspecified vulnerability in Tibco products The Data access layer component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains multiple vulnerabilities that theoretically allow an attacker access to information that can lead to obtaining credentials used to access Spotfire data sources. | 6.5 |
| 2019-12-17 | CVE-2019-17335 | Unspecified vulnerability in Tibco Spotfire Server The Data access layer component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains multiple vulnerabilities that theoretically allow an attacker access to data cached from a data source, or a portion of a data source, that the attacker should not have access to. | 6.5 |
| 2019-11-12 | CVE-2019-17332 | Cross-site Scripting vulnerability in Tibco EBX Add-Ons The Digital Asset Manager Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. | 5.4 |
| 2019-11-12 | CVE-2019-17331 | Cross-site Scripting vulnerability in Tibco EBX Add-Ons 3.20.13/4.1.0 The Data Exchange Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. | 5.4 |
| 2019-10-09 | CVE-2019-11212 | Cross-site Scripting vulnerability in Tibco Master Data Management The MDM server component of TIBCO Software Inc's TIBCO MDM contains multiple vulnerabilities that theoretically allow an authenticated user with specific roles to perform cross-site scripting (XSS) attacks. | 5.4 |
| 2019-05-14 | CVE-2019-11206 | Unspecified vulnerability in Tibco products The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contains vulnerabilities that theoretically allow a malicious user to undermine the integrity of comments and bookmarks. | 5.3 |