XSS in Tibco Activematrix_bpm

CVE-2019-8991

The administrator web interface of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, TIBCO ActiveMatrix Policy Director, TIBCO ActiveMatrix Service Bus, TIBCO ActiveMatrix Service Gr…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.009 (56.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2019-8991?
CVE-2019-8991 is a high-severity vulnerability in Tibco Activematrix_bpm, classified under Cross-site Scripting. CVSS score: 8.8/10. Published 2019-04-24.
How severe is CVE-2019-8991?
High severity. CVSS v3 base score is 8.8 out of 10.