CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2022-43578 – IBM Sterling B2B Integrator Standard Edition cross-site scripting
https://notcve.org/view.php?id=CVE-2022-43578
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 238683. • https://exchange.xforce.ibmcloud.com/vulnerabilities/238683 https://www.ibm.com/support/pages/node/6957156 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-40231 – IBM Sterling B2B Integrator Standard Edition improper access control
https://notcve.org/view.php?id=CVE-2022-40231
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 could allow an authenticated user to perform unauthorized actions due to improper access controls. IBM X-Force ID: 235533. • https://exchange.xforce.ibmcloud.com/vulnerabilities/235533 https://www.ibm.com/support/pages/node/6954771 •
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2022-43579 – IBM Sterling B2B Integrator Standard Edition cross-site scripting
https://notcve.org/view.php?id=CVE-2022-43579
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 238684. • https://exchange.xforce.ibmcloud.com/vulnerabilities/238684 https://www.ibm.com/support/pages/node/6954765 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-40232 – IBM Sterling B2B Integrator Standard Edition improper access control
https://notcve.org/view.php?id=CVE-2022-40232
IBM Sterling B2B Integrator Standard Edition 6.1.0.0 through 6.1.1.1, and 6.1.2.0 could allow an authenticated user to perform actions they should not have access to due to improper permission controls. IBM X-Force ID: 235597. • https://exchange.xforce.ibmcloud.com/vulnerabilities/235597 https://www.ibm.com/support/pages/node/6954465 • CWE-276: Incorrect Default Permissions •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-22337 – IBM Sterling B2B Integrator Standard Edition information disclosure
https://notcve.org/view.php?id=CVE-2022-22337
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 could disclose sensitive information to an authenticated user. IBM X-Force ID: 219507. IBM Sterling B2B Integrator Standard Edition 6.0.0.0 a 6.1.2.1 podría revelar información confidencial a un usuario no autenticado. ID de IBM X-Force: 219507. • https://exchange.xforce.ibmcloud.com/vulnerabilities/219507 https://www.ibm.com/support/pages/node/6852459 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •