CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2018-18807 – TIBCO Statistica Server Vulnerable to Cross Site Scripting
https://notcve.org/view.php?id=CVE-2018-18807
The web application of the TIBCO Statistica component of TIBCO Software Inc.'s TIBCO Statistica Server contains vulnerabilities which may allow an authenticated user to perform cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO Statistica Server versions up to and including 13.4.0. La aplicación web del componente TIBCO Statistica, del servidor TIBCO Statistica de TIBCO Software Inc., contiene vulnerabilidades que podrían permitir a un usuario autenticado realizar ataques Cross-Site Scripting (XSS). • http://www.securityfocus.com/bid/106021 http://www.tibco.com/services/support/advisories https://www.tibco.com/support/advisories/2018/11/tibco-security-advisory-november-26-2018-tibco-statistica-server • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •