The Spotfire components listed above contain multiple vulnerabilities which may allow authorized users to perform SQL injection attacks.
The impact of this vulnerability includes the theoretical disclosure of confidential data.
CVSS v3 Base Score: 4.3 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
TIBCO has released updated versions of the affected components which address these issues.
For each affected system, update to the corresponding software versions: