CVE-2018-12409

Name of the Vulnerable Software and Affected Versions TIBCO Silver Fabric versions up to and including 5.8.1

Description The issue concerns a reflected cross-site scripting (XSS) attack in the SOAP Admin API component. This type of attack occurs when an application takes user input and sends it back to the user without proper validation, allowing an attacker to inject malicious code.

Recommendations For versions up to and including 5.8.1, update to a version later than 5.8.1 to resolve the issue. As a temporary workaround, consider restricting access to the SOAP Admin API component to minimize the risk of exploitation.