Vulnerabilities > Tibco > Spotfire Analytics Server > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-03-13 | CVE-2012-0690 | Information Exposure vulnerability in Tibco products TIBCO Spotfire Web Application, Web Player Application, Automation Services Application, and Analytics Client Application in Spotfire Analytics Server before 10.1.2; Server before 3.3.3; and Web Player, Automation Services, and Professional before 4.0.2 allow remote attackers to obtain sensitive information via a crafted URL. | 5.0 |
| 2011-09-02 | CVE-2011-3133 | Unspecified vulnerability in Tibco Spotfire Analytics Server and Spotfire Server Session fixation vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to hijack web sessions via unspecified vectors. network tibco | 4.3 |
| 2011-09-02 | CVE-2011-3132 | Cross-Site Scripting vulnerability in Tibco Spotfire Analytics Server and Spotfire Server Cross-site scripting (XSS) vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |