8 matches found
Security Bulletin: IBM Sterling B2B Integrator is vulnerable to cross-site scripting (CVE-2024-31913 CVE-2024-31914)
Summary IBM Sterling B2B Integrator is vulnerable to cross-site scripting. Vulnerability Details CVEID:CVE-2024-31914 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the W...
CVE-2023-42014
IBM Sterling B2B Integrator Standard Edition (versions 6.0.0.0–6.2.0.2) is affected by CVE-2023-42014. A cross-site scripting flaw resides in the Web UI, where an authenticated user can inject arbitrary JavaScript to alter functionality and potentially disclose credentials within a trusted sessio...
PT-2024-13030 · IBM · IBM Sterling B2B Integrator Standard Edition
Name of the Vulnerable Software and Affected Versions: IBM Sterling B2B Integrator Standard Edition versions 6.0.0.0 through 6.2.0.2 Description: The issue allows an authenticated user to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to...
Security Bulletin: B2B API of IBM Sterling B2B Integrator is vulnerable to denial of service due to json-path (CVE-2023-51074)
Summary B2B API of IBM Sterling B2B Integrator is vulnerable to denial of service due to json-path CVE-2023-51074. IBM Sterling B2B Integrator has remediated this vulnerability; follow steps identified in Remediation/Fixes section to address vulnerability in your environment. Vulnerability Details...
Security Bulletin: PostgreSQL Sensitive Information Exposure Vulnerability Affects IBM Connect:Direct Web Services (CVE-2021-32029)
Summary IBM Connect:Direct Web Services has addressed a PostgreSQL vulnerability that potentially exposes sensitive information to a remote attacker. Vulnerability Details CVEID: CVE-2021-32029 DESCRIPTION: PostgreSQL could allow a remote authenticated attacker to obtain sensitive information,...
CVE-2020-4344
IBM Tivoli Business Service Manager 6.2.0.0 - 6.2.0.2 IF 1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 178247...
RSA Archer Multiple Vulnerabilities
RSA Archer is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:emc:rsaarchergrc"; if descriptio...
CVE-2009-5083
CVE-2009-5083 affects IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 prior to 6.2.0.2 when configured as an OpenID relying party. The underlying issue is that the component does not perform the expected login rejection upon receiving an OP-Identifier from an OpenID provider, allowing a remote...