CVE-2019-4027
https://notcve.org/view.php?id=CVE-2019-4027
IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-ForceID: 155905. IBM Sterling B2B Integrator, desde la versión 5.2.0.1 hasta la 6.0.0.0, es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • http://www.securityfocus.com/bid/107223 https://exchange.xforce.ibmcloud.com/vulnerabilities/155905 https://www.ibm.com/support/docview.wss?uid=ibm10874246 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2019-4029
https://notcve.org/view.php?id=CVE-2019-4029
IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-force ID: 155907. IBM Sterling B2B Integrator, desde la versión 5.2.0.1 hasta la 6.0.0.0, es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • http://www.securityfocus.com/bid/107223 https://exchange.xforce.ibmcloud.com/vulnerabilities/155907 https://www.ibm.com/support/docview.wss?uid=ibm10874246 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2019-4063
https://notcve.org/view.php?id=CVE-2019-4063
IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 Standard Edition could allow highly sensitive information to be transmitted in plain text. An attacker could obtain this information using man in the middle techniques. IBM X-ForceID: 157008. IBM Sterling B2B Integrator, desde la versión 5.2.0.1 hasta la 6.0.0.0, en su edición estándar, podría permitir que se transmita información sensible en texto plano. Un atacante podría obtener esta información empleando técnicas Man-in-the-Middle (MitM). • http://www.securityfocus.com/bid/107310 https://exchange.xforce.ibmcloud.com/vulnerabilities/157008 https://www.ibm.com/support/docview.wss?uid=ibm10874234 • CWE-319: Cleartext Transmission of Sensitive Information •
CVE-2019-4028
https://notcve.org/view.php?id=CVE-2019-4028
IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 155906. IBM Sterling B2B Integrator, desde la versión 5.2.0.1 hasta la 6.0.0.0, es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • http://www.securityfocus.com/bid/107223 https://exchange.xforce.ibmcloud.com/vulnerabilities/155906 https://www.ibm.com/support/docview.wss?uid=ibm10874246 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-1718
https://notcve.org/view.php?id=CVE-2018-1718
IBM Sterling B2B Integrator Standard Edition 5.2.0.1 - 5.2.6.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 147166. IBM Sterling B2B Integrator Standard Edition 5.2.0.1 - 5.2.6.3 es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • http://www.securityfocus.com/bid/104938 https://exchange.xforce.ibmcloud.com/vulnerabilities/147166 https://www.ibm.com/support/docview.wss?uid=ibm10718863 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •