CVE-2018-12415

The Central Administration server (emsca) component of TIBCO Software Inc.’s TIBCO Enterprise Messaging Service, TIBCO Enterprise Messaging Service – Community Edition, and TIBCO Enterprise Messaging Service – Developer Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks. Affected releases are TIBCO Software Inc.’s TIBCO Enterprise Messaging Service: versions up to and including 8.4.0, TIBCO Enterprise Messaging Service – Community Edition: versions up to and including 8.4.0, and TIBCO Enterprise Messaging Service – Developer Edition versions up to and including 8.4.0.

Source: CVE-2018-12415