PT-2026-25352 · Ibm · Sterling B2B Integrator+1
Published
2026-03-13
·
Updated
2026-03-13
·
CVE-2026-0835
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Sterling B2B Integrator and IBM Sterling File Gateway versions 6.1.0.0 through 6.1.2.7 2
IBM Sterling B2B Integrator and IBM Sterling File Gateway versions 6.2.0.0 through 6.2.0.5 1
IBM Sterling B2B Integrator and IBM Sterling File Gateway versions 6.2.1.0 through 6.2.1.1 1
IBM Sterling B2B Integrator and IBM Sterling File Gateway version 6.2.2.0
Description
The software is susceptible to cross-site scripting. This allows an authenticated user to embed arbitrary JavaScript code into the Web UI, potentially altering the intended functionality and leading to credentials disclosure within a trusted session.
Recommendations
IBM Sterling B2B Integrator and IBM Sterling File Gateway versions 6.1.0.0 through 6.1.2.7 2 should be updated.
IBM Sterling B2B Integrator and IBM Sterling File Gateway versions 6.2.0.0 through 6.2.0.5 1 should be updated.
IBM Sterling B2B Integrator and IBM Sterling File Gateway versions 6.2.1.0 through 6.2.1.1 1 should be updated.
IBM Sterling B2B Integrator and IBM Sterling File Gateway version 6.2.2.0 should be updated.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sterling B2B Integrator
Ibm Sterling File Gateway