CVE-2026-3912Improper Input Validation in Activematrix Businessworks

CWE-20Improper Input Validation3 documents3 sources
Severity
8.7HIGHNVD
EPSS
0.0%
top 91.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Tibco Activematrix BusinessworksTibco Enterprise Administrator
Timeline
PublishedMar 24

Description

Injection vulnerabilities due to validation/sanitisation of user-supplied input in ActiveMatrix BusinessWorks and Enterprise Administrator allows information disclosure, including exposure of accessible local files and host system details, and may allow manipulation of application behaviour.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L

Affected Packages2 packages

CVEListV5tibco/enterprise_administrator2.4.3HF2
CVEListV5tibco/activematrix_businessworks6.12.0HF1+3

🔴Vulnerability Details

2
GHSA
GHSA-cprf-3qg3-3hp4: Injection vulnerabilities due to validation/sanitisation of user-supplied input in ActiveMatrix BusinessWorks and Enterprise Administrator allows info2026-03-24
CVEList
TIBCO ActiveMatrix BusinessWorks Injection Vulnerability2026-03-24
CVE-2026-3912 — Improper Input Validation | cvebase