CVE-2025-2261

high

Description

Stored XSS in TIBCO ActiveMatrix Administrator allows malicious data to appear to be part of the website and run within user's browser under the privileges of the web application.

References

https://community.tibco.com/advisories/tibco-security-advisory-may-13-2025-tibco-bpm-enterprise-cve-2025-2261-r220/

Details

Source: Mitre, NVD

Published: 2025-05-21

Updated: 2025-05-21

Risk Information

CVSS v2

Base Score: 3.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 5.4

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

CVSS v4

Base Score: 7

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N

Severity: High

EPSS

EPSS: 0.00047

Detections

Analytics