CVE-2018-12416 – TIBCO DataSynapse GridServer Manager Component Vulnerable to Cross-Site Request Forgery

https://notcve.org/view.php?id=CVE-2018-12416

The GridServer Broker and GridServer Director components of TIBCO Software Inc.'s TIBCO DataSynapse GridServer Manager contain vulnerabilities which may allow an unauthenticated user to perform cross-site request forgery (CSRF). Affected releases are TIBCO Software Inc. TIBCO DataSynapse GridServer Manager: versions up to and including 5.2.0; 6.0.0; 6.0.1; 6.0.2; 6.1.0; 6.1.1; 6.2.0; 6.3.0. Los componentes GridServer Broker y GridServer Director de TIBCO DataSynapse GridServer Manager, de TIBCO Software Inc., contienen vulnerabilidades que podrían permitir que un usuario no autenticado realice Cross-Site Request Forgery (CSRF). • http://www.securityfocus.com/bid/105913 https://www.tibco.com/support/advisories/2018/11/tibco-security-advisory-november-13-2018-tibco-datasynapse-gridserver-manager • CWE-352: Cross-Site Request Forgery (CSRF) •