Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) Vulnerabilities in TIBCO DataSynapse GridServer Manager

Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) Vulnerabilities in TIBCO DataSynapse GridServer Manager

CVE-2017-5536 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

The GridServer Broker, and GridServer Director components of TIBCO Software Inc. TIBCO DataSynapse GridServer Manager contain vulnerabilities which may allow an authenticated user to perform cross-site scripting (XSS). In addition, an authenticated user could be a victim of a cross-site request forgery (CSRF) attack. Affected releases include TIBCO Software Inc.'s TIBCO DataSynapse GridServer Manager: versions up to and including 5.1.3; 6.0.0; 6.0.1; 6.0.2; 6.1.0; 6.1.1; and 6.2.0.

Learn more about our Cis Benchmark Audit For Server Software.