First published: Thu Nov 14 2024(Updated: )
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Sterling B2B Integrator | <=6.0.0.0 - 6.1.2.5 | |
IBM Sterling B2B Integrator | <=6.2.0.0 - 6.2.0.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-31914 has a moderate severity rating due to its potential for stored cross-site scripting attacks.
To fix CVE-2024-31914, upgrade to IBM Sterling B2B Integrator version 6.2.0.3 or later.
CVE-2024-31914 affects IBM Sterling B2B Integrator versions 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2.
CVE-2024-31914 is classified as a stored cross-site scripting vulnerability.
The impacts of CVE-2024-31914 include the ability for attackers to embed arbitrary JavaScript in the Web UI, which can lead to unauthorized actions and data exposure.