Vulnerability Description
The web application of the TIBCO Statistica component of TIBCO Software Inc.'s TIBCO Statistica Server contains vulnerabilities which may allow an authenticated user to perform cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO Statistica Server versions up to and including 13.4.0.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tibco | Statistica Server | <= 13.4.0 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/106021Third Party AdvisoryVDB Entry
- http://www.tibco.com/services/support/advisoriesVendor Advisory
- https://www.tibco.com/support/advisories/2018/11/tibco-security-advisory-novembeVendor Advisory
- http://www.securityfocus.com/bid/106021Third Party AdvisoryVDB Entry
- http://www.tibco.com/services/support/advisoriesVendor Advisory
- https://www.tibco.com/support/advisories/2018/11/tibco-security-advisory-novembeVendor Advisory
FAQ
What is CVE-2018-18807?
CVE-2018-18807 is a vulnerability with a CVSS score of 7.6 (HIGH). The web application of the TIBCO Statistica component of TIBCO Software Inc.'s TIBCO Statistica Server contains vulnerabilities which may allow an authenticated user to perform cross-site scripting (X...
How severe is CVE-2018-18807?
CVE-2018-18807 has been rated HIGH with a CVSS base score of 7.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-18807?
Check the references section above for vendor advisories and patch information. Affected products include: Tibco Statistica Server.