IBM Sterling Order Management is an order management system that allows companies to seamlessly synchronize and manage the entire lifecycle of orders.A cross-site scripting vulnerability exists in IBM Sterling Order Management versions 9.4, 9.5, and 10.0. An attacker could exploit the vulnerability to embed arbitrary JavaScript code in the Web UI, which could alter the intended functionality, which could lead to credential disclosure in a trusted session.
CPE | Name | Operator | Version |
---|---|---|---|
ibm ibm sterling order management | eq | 9.4 | |
ibm ibm sterling order management | eq | 9.5 | |
ibm ibm sterling order management | eq | 10.0 |