is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Metrics
Affected Vendors & Products
Solution
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 - 6.1.2.6 IT47515 Apply B2Bi 6.1.2.7. 6.2.0.5 or 6.2.1.0 IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.2.0.0 - 6.2.0.4 IT47515 Apply B2Bi 6.2.0.5 or 6.2.1.0 The IIM versions of 6.1.2.7, 6.2.0.5 and 6.2.1.0 are available on Fix Central. The container version of 6.1.2.7, 6.2.0.5 and 6.2.1.0 are available in IBM Entitled Registry.
Workaround
No workaround given by the vendor.
Link | Providers |
---|---|
https://www.ibm.com/support/pages/node/7237109 |
![]() ![]() |
Fri, 25 Jul 2025 18:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Ibm aix
Ibm sterling File Gateway Linux Linux linux Kernel Microsoft Microsoft windows |
|
CPEs | cpe:2.3:a:ibm:sterling_b2b_integrator:*:*:*:*:standard:*:*:* cpe:2.3:a:ibm:sterling_file_gateway:*:*:*:*:*:*:*:* cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
Vendors & Products |
Ibm aix
Ibm sterling File Gateway Linux Linux linux Kernel Microsoft Microsoft windows |
Wed, 18 Jun 2025 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 18 Jun 2025 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |
Title | IBM Sterling B2B Integrator and IBM Sterling File Gateway cross-site scripting | |
First Time appeared |
Ibm
Ibm sterling B2b Integrator |
|
Weaknesses | CWE-79 | |
CPEs | cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.0.0:*:*:*:standard:*:*:* cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.2.6:*:*:*:standard:*:*:* cpe:2.3:a:ibm:sterling_b2b_integrator:6.2.0.0:*:*:*:standard:*:*:* cpe:2.3:a:ibm:sterling_b2b_integrator:6.2.0.4:*:*:*:standard:*:*:* |
|
Vendors & Products |
Ibm
Ibm sterling B2b Integrator |
|
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: ibm
Published:
Updated: 2025-08-24T11:50:52.809Z
Reserved: 2025-02-15T15:14:06.287Z
Link: CVE-2025-1349

Updated: 2025-06-18T18:06:37.247Z

Status : Analyzed
Published: 2025-06-18T17:15:28.560
Modified: 2025-07-25T17:58:03.213
Link: CVE-2025-1349

No data.

No data.