CVE-2012-0688

Published: Mar 13, 2012Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in TIBCO ActiveMatrix Platform in TIBCO Silver Fabric ActiveMatrix Service Grid Distribution 3.1.3, Service Grid and Service Bus 3.x before 3.1.5, BusinessWorks Service Engine 5.9.x before 5.9.3, and BPM before 1.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected (15)

Products: Tibco: Silver Fabric Activematrix Service Grid Distribution, Activematrix Service Grid, Activematrix Service Bus, Activematrix Businessworks Service Engine, Activematrix Bpm

Tibco

5 products

Silver Fabric Activematrix Service Grid Distribution

Activematrix Service Grid

Activematrix Service Bus

Activematrix Businessworks Service Engine

Activematrix Bpm

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Tibco Silver Fabric Activematrix Service Grid Distribution	Version 3.1.3

Configuration B

4 vulnerable

Vulnerable Software	Affected Versions
Tibco Activematrix Service Grid	Version 3.0.0
Tibco Activematrix Service Grid	Version 3.0.1
Tibco Activematrix Service Grid	Version 3.1.0
Tibco Activematrix Service Grid	Version 3.1.2

Configuration C

2 vulnerable

Vulnerable Software	Affected Versions
Tibco Activematrix Service Bus	Version 3.0.0
Tibco Activematrix Service Bus	Version 3.0.1

Configuration D

3 vulnerable

Vulnerable Software	Affected Versions
Tibco Activematrix Businessworks Service Engine	Version 5.9.0
Tibco Activematrix Businessworks Service Engine	Version 5.9.1
Tibco Activematrix Businessworks Service Engine	Version 5.9.2

Configuration E

5 vulnerable

Vulnerable Software	Affected Versions
Tibco Activematrix Bpm	Up to 1.2.0
Tibco Activematrix Bpm	Version 1.0.1
Tibco Activematrix Bpm	Version 1.0.2
Tibco Activematrix Bpm	Version 1.1.0
Tibco Activematrix Bpm	Version 1.1.1