First published: Thu Nov 14 2024(Updated: )
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Sterling B2B Integrator | <=6.0.0.0 - 6.1.2.5 | |
IBM Sterling B2B Integrator | <=6.2.0.0 - 6.2.0.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-31913 is classified as a high severity vulnerability due to the impact of stored cross-site scripting.
To fix CVE-2024-31913, update IBM Sterling B2B Integrator to the latest version that is not affected by this vulnerability.
CVE-2024-31913 affects IBM Sterling B2B Integrator versions 6.0.0.0 to 6.1.2.5 and 6.2.0.0 to 6.2.0.2.
CVE-2024-31913 enables stored cross-site scripting attacks which can allow attackers to execute arbitrary JavaScript in the context of the user's browser.
Users of IBM Sterling B2B Integrator versions 6.0.0.0 to 6.1.2.5 and 6.2.0.0 to 6.2.0.2 are impacted by CVE-2024-31913.