CVE-2018-5432

Name of the Vulnerable Software and Affected Versions TIBCO Administrator - Enterprise Edition versions up to and including 5.10.0 TIBCO Administrator - Enterprise Edition for z/Linux versions up to and including 5.9.1

Description The issue allows a malicious user to perform cross-site scripting (XSS) attacks by manipulating artifacts prior to uploading them. This is a type of attack where an attacker injects malicious code into a website, which is then executed by the user's browser.

Recommendations For TIBCO Administrator - Enterprise Edition versions up to and including 5.10.0, update to a version later than 5.10.0 to resolve the issue. For TIBCO Administrator - Enterprise Edition for z/Linux versions up to and including 5.9.1, update to a version later than 5.9.1 to resolve the issue. As a temporary workaround, consider restricting the upload of artifacts to trusted sources until a patch is available.