Vulnerability Details CVE-2018-18807
The web application of the TIBCO Statistica component of TIBCO Software Inc.'s TIBCO Statistica Server contains vulnerabilities which may allow an authenticated user to perform cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO Statistica Server versions up to and including 13.4.0.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.1%
CVSS Severity
CVSS v3 Score 7.6
CVSS v2 Score 3.5
References
- http://www.securityfocus.com/bid/106021
- http://www.tibco.com/services/support/advisories
- https://www.tibco.com/support/advisories/2018/11/tibco-security-advisory-november-26-2018-tibco-statistica-server
- http://www.securityfocus.com/bid/106021
- http://www.tibco.com/services/support/advisories
- https://www.tibco.com/support/advisories/2018/11/tibco-security-advisory-november-26-2018-tibco-statistica-server
Products affected by CVE-2018-18807
-
cpe:2.3:a:tibco:statistica_server:13.3.0
-
cpe:2.3:a:tibco:statistica_server:13.4.0