The following components are affected:
The tibbr components listed above expose a weakness in an improperly sandboxed third-party component.
The impact of this vulnerability includes the ability to execute arbitrary code with the privileges of the user that invoked the tibbr server.
CVSS v3 Base Score: 8.8 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
TIBCO has released updated versions of the affected components which address these issues.
For each affected system, update to the corresponding software versions:
For tibbr Community
For tibbr Enterprise