Severity: Medium

 

Summary: When Salesforce Canvas Adapter for Tableau (also known as Tableau Sparkler) is used with Salesforce, under certain circumstances an authenticated user can impersonate another Tableau Server user.  See this KB article for more information.

 

Vulnerable Versions:

All versions of Salesforce Canvas Adapter for Tableau, also known as Tableau Sparkler, through 1.0.1

 

Resolution: The issue can be fixed by upgrading to the following Sparkler version:

Tableau Sparklers 1.0.2