CVE-2012-0688

TIBCO ActiveMatrix Platform - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in TIBCO ActiveMatrix Platform in TIBCO Silver Fabric ActiveMatrix Service Grid Distribution 3.1.3, Service Grid and Service Bus 3.x before 3.1.5, BusinessWorks Service Engine 5.9.x before 5.9.3, and BPM before 1.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References (2)

[Vendor Advisory] http://www.tibco.com/multimedia/activematrix3_advisory_20120308_tcm8-15728.txt

[Vendor Advisory] http://www.tibco.com/services/support/advisories/amx-be-spotfire-advisory_20120308.jsp

Scores

EPSS 0.0025

EPSS Percentile 47.8%

Classification

CWE

CWE-79

Status published

Affected Products (16)

tibco/silver_fabric_activematrix_service_grid_distribution

tibco/activematrix_service_grid

tibco/activematrix_service_bus

tibco/activematrix_businessworks_service_engine

tibco/activematrix_bpm < 1.2.0

tibco/activematrix_bpm

... and 1 more

Timeline

Published Mar 13, 2012

Tracked Since Feb 18, 2026