Vulnerability Description
Cross-site scripting (XSS) vulnerability in TIBCO ActiveMatrix Platform in TIBCO Silver Fabric ActiveMatrix Service Grid Distribution 3.1.3, Service Grid and Service Bus 3.x before 3.1.5, BusinessWorks Service Engine 5.9.x before 5.9.3, and BPM before 1.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tibco | Silver Fabric Activematrix Service Grid Distribution | 3.1.3 |
| Tibco | Activematrix Service Grid | 3.0.0 |
| Tibco | Activematrix Service Bus | 3.0.0 |
| Tibco | Activematrix Businessworks Service Engine | 5.9.0 |
| Tibco | Activematrix Bpm | <= 1.2.0 |
Related Weaknesses (CWE)
References
- http://www.tibco.com/multimedia/activematrix3_advisory_20120308_tcm8-15728.txtVendor Advisory
- http://www.tibco.com/services/support/advisories/amx-be-spotfire-advisory_201203Vendor Advisory
- http://www.tibco.com/multimedia/activematrix3_advisory_20120308_tcm8-15728.txtVendor Advisory
- http://www.tibco.com/services/support/advisories/amx-be-spotfire-advisory_201203Vendor Advisory
FAQ
What is CVE-2012-0688?
CVE-2012-0688 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in TIBCO ActiveMatrix Platform in TIBCO Silver Fabric ActiveMatrix Service Grid Distribution 3.1.3, Service Grid and Service Bus 3.x before 3.1.5, BusinessWork...
How severe is CVE-2012-0688?
CVE-2012-0688 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-0688?
Check the references section above for vendor advisories and patch information. Affected products include: Tibco Silver Fabric Activematrix Service Grid Distribution, Tibco Activematrix Service Grid, Tibco Activematrix Service Bus, Tibco Activematrix Businessworks Service Engine, Tibco Activematrix Bpm.