CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-1349 – IBM Sterling B2B Integrator and IBM Sterling File Gateway cross-site scripting
https://notcve.org/view.php?id=CVE-2025-1349
18 Jun 2025 — IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. • https://www.ibm.com/support/pages/node/7237109 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0CVE-2025-1348 – IBM Sterling B2B Integrator and IBM Sterling File Gateway information disclosure
https://notcve.org/view.php?id=CVE-2025-1348
18 Jun 2025 — IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 could allow a local user to obtain sensitive information from a user’s web browser cache due to not using a suitable caching policy. • https://www.ibm.com/support/pages/node/7237068 • CWE-525: Use of Web Browser Cache Containing Sensitive Information •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-54172 – IBM Sterling B2B Integrator and IBM Sterling File Gateway cross-site request forgery
https://notcve.org/view.php?id=CVE-2024-54172
18 Jun 2025 — IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. • https://www.ibm.com/support/pages/node/7237059 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-54183 – IBM Sterling B2B Integrator and IBM Sterling File Gateway cross-site scripting
https://notcve.org/view.php?id=CVE-2024-54183
18 Jun 2025 — IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. • https://www.ibm.com/support/pages/node/7237060 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-47116 – IBM Sterling B2B Integrator cross-site scripting
https://notcve.org/view.php?id=CVE-2024-47116
31 Jan 2025 — IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. • https://www.ibm.com/support/pages/node/7182046 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45089 – IBM Sterling B2B Integrator information disclosure
https://notcve.org/view.php?id=CVE-2024-45089
31 Jan 2025 — IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition EBICS server could allow an authenticated user to obtain sensitive filename information due to an observable discrepancy. • https://www.ibm.com/support/pages/node/7182063 • CWE-203: Observable Discrepancy •
CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 0CVE-2024-49807 – IBM Sterling B2B Integrator cross-site scripting
https://notcve.org/view.php?id=CVE-2024-49807
31 Jan 2025 — IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. • https://www.ibm.com/support/pages/node/7182011 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-40696 – IBM Sterling B2B Integrator cross-site scripting
https://notcve.org/view.php?id=CVE-2024-40696
31 Jan 2025 — IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. • https://www.ibm.com/support/pages/node/7182011 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-47103 – IBM Sterling B2B Integrator cross-site scripting
https://notcve.org/view.php?id=CVE-2024-47103
31 Jan 2025 — IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. • https://www.ibm.com/support/pages/node/7182011 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-38739 – IBM Sterling B2B Integrator cross-site request forgery
https://notcve.org/view.php?id=CVE-2023-38739
31 Jan 2025 — IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. • https://www.ibm.com/support/pages/node/7182004 • CWE-352: Cross-Site Request Forgery (CSRF) •