Thongchai Silpavarangkura

Name of the Vulnerable Software and Affected Versions: IBM Sterling B2B Integrator Standard Edition versions 5.2.0.0 through 5.2.6.5 3 IBM Sterling B2B Integrator Standard Edition versions 6.1.0.0 through 6.1.0.2 Description: This issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session. The vulnerability enables the embedding of malicious code, which can compromise the security of the system. Recommendations: For versions 5.2.0.0 through 5.2.6.5 3, update to a version outside of this range to mitigate the risk. For versions 6.1.0.0 through 6.1.0.2, update to a version outside of this range to mitigate the risk. As a temporary workaround, consider restricting access to the Web UI to minimize the risk of exploitation.