CVE-2025-2261

HIGH

TIBCO ActiveMatrix Administrator - XSS

Title source: llm
STIX 2.1

Description

Stored XSS in TIBCO ActiveMatrix Administrator allows malicious data to appear to be part of the website and run within user's browser under the privileges of the web application.

Scores

CVSS v4 7.0
EPSS 0.0030
EPSS Percentile 21.7%
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-79
Status published
Products (1)
TIBCO Software Inc/TIBCO BPM Enterprise 4.3 - 4
Published May 21, 2025
Tracked Since Feb 18, 2026