Cross-Site Scripting Vulnerability in IBM Sterling B2B Integrator and File Gateway
CVE-2020-4564

5.4MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
20 October 2020

Summary

The vulnerability in IBM Sterling B2B Integrator and File Gateway allows attackers to exploit cross-site scripting issues. By embedding arbitrary JavaScript code in the web interface, the functionality of these applications can be altered. This could lead to unauthorized disclosure of sensitive information such as user credentials during a trusted session, posing a significant risk to users' security.

Affected Version(s)

Sterling B2B Integrator 5.2.0.0

Sterling B2B Integrator 6.0.3.1

Sterling File Gateway 2.2.0.0

References

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.