CVE-2012-0688: XSS
First published: Tue Mar 13 2012(Updated: )
Cross-site scripting (XSS) vulnerability in TIBCO ActiveMatrix Platform in TIBCO Silver Fabric ActiveMatrix Service Grid Distribution 3.1.3, Service Grid and Service Bus 3.x before 3.1.5, BusinessWorks Service Engine 5.9.x before 5.9.3, and BPM before 1.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| TIBCO Silver Fabric ActiveMatrix Service Grid Distribution | =3.1.3 | |
| TIBCO ActiveMatrix Service Grid | =3.0.0 | |
| TIBCO ActiveMatrix Service Grid | =3.0.1 | |
| TIBCO ActiveMatrix Service Grid | =3.1.0 | |
| TIBCO ActiveMatrix Service Grid | =3.1.2 | |
| TIBCO ActiveMatrix Service Bus | =3.0.0 | |
| TIBCO ActiveMatrix Service Bus | =3.0.1 | |
| TIBCO ActiveMatrix BusinessWorks | =5.9.0 | |
| TIBCO ActiveMatrix BusinessWorks | =5.9.1 | |
| TIBCO ActiveMatrix BusinessWorks | =5.9.2 | |
| TIBCO ActiveMatrix Business Process Management | <=1.2.0 | |
| TIBCO ActiveMatrix Business Process Management | =1.0.1 | |
| TIBCO ActiveMatrix Business Process Management | =1.0.2 | |
| TIBCO ActiveMatrix Business Process Management | =1.1.0 | |
| TIBCO ActiveMatrix Business Process Management | =1.1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-0688?
CVE-2012-0688 is classified as a moderate severity vulnerability due to its potential for cross-site scripting attacks.
How do I fix CVE-2012-0688?
To resolve CVE-2012-0688, upgrade TIBCO ActiveMatrix Platform products to the latest versions that have addressed this vulnerability.
Which TIBCO products are affected by CVE-2012-0688?
CVE-2012-0688 affects TIBCO ActiveMatrix Service Grid, Service Bus, BusinessWorks Service Engine, and BPM products prior to specified versions.
Can CVE-2012-0688 be exploited remotely?
Yes, CVE-2012-0688 can be exploited remotely by attackers to inject arbitrary web script or HTML.
What are the potential impacts of CVE-2012-0688?
The impacts of CVE-2012-0688 include unauthorized access and manipulation of web sessions, which could lead to data theft and other security breaches.
- agent/references
- agent/type
- agent/softwarecombine
- agent/weakness
- agent/severity
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/tibco
- canonical/tibco silver fabric activematrix service grid distribution
- version/tibco silver fabric activematrix service grid distribution/3.1.3
- canonical/tibco activematrix service grid
- version/tibco activematrix service grid/3.0.0
- version/tibco activematrix service grid/3.0.1
- version/tibco activematrix service grid/3.1.0
- version/tibco activematrix service grid/3.1.2
- canonical/tibco activematrix service bus
- version/tibco activematrix service bus/3.0.0
- version/tibco activematrix service bus/3.0.1
- canonical/tibco activematrix businessworks
- version/tibco activematrix businessworks/5.9.0
- version/tibco activematrix businessworks/5.9.1
- version/tibco activematrix businessworks/5.9.2
- canonical/tibco activematrix business process management
- version/tibco activematrix business process management/1.2.0
- version/tibco activematrix business process management/1.0.1
- version/tibco activematrix business process management/1.0.2
- version/tibco activematrix business process management/1.1.0
- version/tibco activematrix business process management/1.1.1