Sterling_b2b_integrator - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Sterling_b2b_integrator
(Ibm)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	169

Date	Id	Summary	Products	Score	Patch	Annotated
2025-01-31	CVE-2024-40696	IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.	Sterling_b2b_integrator	5.4
2025-01-31	CVE-2024-45089	IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition EBICS server could allow an authenticated user to obtain sensitive filename information due to an observable discrepancy.	Sterling_b2b_integrator	4.3
2025-01-31	CVE-2024-47103	IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.	Sterling_b2b_integrator	5.4
2025-01-31	CVE-2024-47116	IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.	Sterling_b2b_integrator	5.4
2025-01-23	CVE-2023-50309	IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.	Sterling_b2b_integrator	5.4
2025-01-23	CVE-2023-32340	IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.	Sterling_b2b_integrator	5.4
2016-01-02	CVE-2015-7450	Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the InvokerTransformer class in the Apache Commons Collections library.	Sterling_b2b_integrator, Sterling_integrator, Tivoli_common_reporting, Watson_content_analytics, Watson_explorer_analytical_components, Watson_explorer_annotation_administration_console, Websphere_application_server	9.8
2020-05-13	CVE-2020-4312	IBM Sterling B2B Integrator Standard Edition 5.2.0.0 trough 6.0.3.1 could allow an authenticated user to obtain sensitive information from a cached web page. IBM X-Force ID: 177089.	Sterling_b2b_integrator	4.3
2020-10-20	CVE-2020-4564	IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.1 and IBM Sterling File Gateway 2.2.0.0 through 6.0.3.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 183933.	Sterling_b2b_integrator, Sterling_file_gateway	5.4
2020-11-16	CVE-2020-4475	IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.	Sterling_b2b_integrator	6.5