TIBCO Spotfire Automation Services等都是美国TIBCO软件公司的产品。Spotfire Automation Services是一套运行自动分析的工具；Spotfire Professional是一款为各个方面的商业分析师和用户提供全面分析的平台。 多款TIBCO产品中存在跨站脚本漏洞。攻击者可利用该漏洞执行任意Web脚本或HTML。

TIBCO Spotfire Web Player Client 7.0.1 TIBCO Spotfire Web Player Client 6.5.3 TIBCO Spotfire Web Player Client 7.0 TIBCO Spotfire Professional 7.0.1 TIBCO Spotfire Professional 6.5.3 TIBCO Spotfire Professional 7.0 TIBCO Spotfire Desktop Language Packs 7.7 TIBCO Spotfire Desktop Language Packs 7.6 TIBCO Spotfire Desktop Developer Edition 7.7 TIBCO Spotfire Desktop Language Packs 7.0.1 TIBCO Spotfire Desktop 7.7 TIBCO Spotfire Desktop 7.6 TIBCO Spotfire Desktop 7.5 TIBCO Spotfire Desktop 7.0.1 TIBCO Spotfire Desktop 7.0 TIBCO Spotfire Desktop 6.5.2 TIBCO Spotfire Deployment Kit 7.7 TIBCO Spotfire Deployment Kit 7.6 TIBCO Spotfire Deployment Kit 7.5 TIBCO Spotfire Deployment Kit 7.0.1 TIBCO Spotfire Deployment Kit 7.0 TIBCO Spotfire Deployment Kit 6.5.3 TIBCO Spotfire Connectors 7.6 TIBCO Spotfire Automation Services 7.0.1 TIBCO Spotfire Automation Services 7.0 TIBCO Spotfire Automation Services 6.5.3 TIBCO Spotfire Analytics Platform for AWS Marketplace 7.0.2 TIBCO Spotfire Analyst 7.7 TIBCO Spotfire Analyst 7.6 TIBCO Spotfire Analyst 7.5 TIBCO Silver Fabric Enabler for Spotfire Web Player 2.1.2

目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接: