CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 0CVE-2023-50309 – IBM Sterling B2B Integrator cross-site scripting
https://notcve.org/view.php?id=CVE-2023-50309
23 Jan 2025 — IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the... • https://www.ibm.com/support/pages/node/7176082 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32340 – IBM Sterling B2B Integrator cross-site scripting
https://notcve.org/view.php?id=CVE-2023-32340
23 Jan 2025 — IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. • https://www.ibm.com/support/pages/node/7176082 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 9%CPEs: 2EXPL: 1CVE-2024-31903 – IBM Sterling B2B Integrator Standard Edition code execution
https://notcve.org/view.php?id=CVE-2024-31903
22 Jan 2025 — IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 allow an attacker on the local network to execute arbitrary code on the system, caused by the deserialization of untrusted data. IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 allow an attacker on the local network to execute arbitrary code on the system, caused by the deserialization of untrusted data. • https://github.com/WithSecureLabs/ibm-sterling-b2b-integrator-poc • CWE-502: Deserialization of Untrusted Data •
CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 0CVE-2024-31914 – IBM Sterling B2B Integrator cross-site scripting
https://notcve.org/view.php?id=CVE-2024-31914
06 Jan 2025 — IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Sterling B2B Integrator Standard Edition 6.0.0.0 a 6.1.2.5 y 6.2.0.0 a 6.2.0.2 es vulnerable a cross site scripting almacenado. Esta vulnerabilidad permite a los usuarios ... • https://www.ibm.com/support/pages/node/7176081 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-31913 – IBM Sterling B2B Integrator cross-site scripting
https://notcve.org/view.php?id=CVE-2024-31913
06 Jan 2025 — IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Sterling B2B Integrator Standard Edition 6.0.0.0 a 6.1.2.5 y 6.2.0.0 a 6.2.0.2 es vulnerable a cross site scripting almacenado. Esta vulnerabilidad permite a los usuarios ... • https://www.ibm.com/support/pages/node/7176081 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-20553 – IBM Sterling B2B Integrator Standard Edition cross-site scripting
https://notcve.org/view.php?id=CVE-2021-20553
18 Dec 2024 — IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Sterling B2B Integrator Standard Edition 5.2.0.0 a 6.1.1.0 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios insertar código JavaScript arbitrario en la interfaz de usuario we... • https://www.ibm.com/support/pages/node/6496761 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 3.7EPSS: 0%CPEs: 2EXPL: 0CVE-2023-42010 – IBM Sterling B2B Integrator Standard Edition information disclosure
https://notcve.org/view.php?id=CVE-2023-42010
17 Jul 2024 — IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 could disclose sensitive information in the HTTP response using man in the middle techniques. IBM X-Force ID: 265507. IBM Sterling B2B Integrator Standard Edition 6.0.0.0 a 6.1.2.5 y 6.2.0.0 a 6.2.0.2 podría revelar información confidencial en la respuesta HTTP utilizando técnicas de intermediario. ID de IBM X-Force: 265507. • https://exchange.xforce.ibmcloud.com/vulnerabilities/265507 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-42014 – IBM Sterling B2B Integrator Standard Edition cross-site scripting
https://notcve.org/view.php?id=CVE-2023-42014
27 Jun 2024 — IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.2.0.2 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 265511. • https://exchange.xforce.ibmcloud.com/vulnerabilities/265511 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-42011 – IBM Sterling B2B Integrator Standard Edition tapjacking
https://notcve.org/view.php?id=CVE-2023-42011
27 Jun 2024 — IBM Sterling B2B Integrator Standard Edition 6.1 and 6.2 does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain, which can lead to user confusion about which interface the user is interacting with. IBM X-Force ID: 265508. • https://exchange.xforce.ibmcloud.com/vulnerabilities/265508 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 4.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-45186 – IBM Sterling B2B Integrator cross-site scripting
https://notcve.org/view.php?id=CVE-2023-45186
12 Apr 2024 — IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 268691. IBM Sterling B2B Integrator 6.0.0.0 a 6.0.3.9, 6.1.0.0 a 6.1.2.3 y 6.2.0.0 es vulnerable a Cross Site Scripting. Esta vulnerabilidad permite a un usuario... • https://exchange.xforce.ibmcloud.com/vulnerabilities/268691 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •