CVE-2024-49339

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.1 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading...

CVE-2024-40696

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...

CVE-2024-49339

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0–3.2.4.13 is affected by CVE-2024-49339, a stored cross-site scripting vulnerability in the Web UI allowing authenticated users to inject JavaScript and potentially disclose credentials. IBM's remediation is to upgrade...

CVE-2024-49807

CVE-2024-49807 affects IBM Sterling B2B Integrator Standard Edition, vulnerable to stored cross-site scripting in the Web UI. Affected versions are 6.0.0.0–6.1.2.5 and 6.2.0.0–6.2.0.3. The vulnerability allows authenticated users to embed arbitrary JavaScript, potentially altering functionality a...

CVE-2024-49807 IBM Sterling B2B Integrator cross-site scripting

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leadin...

CVE-2024-40696

The CVE-2024-40696 issue affects IBM Sterling B2B Integrator Standard Edition (versions 6.0.0.0–6.1.2.5 and 6.2.0.0–6.2.0.3). Root cause: cross-site scripting (Stored type in some entries) that lets a privileged user embed arbitrary JavaScript in the Web UI, potentially altering functionality and...

CVE-2024-40696 IBM Sterling B2B Integrator cross-site scripting

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...

CVE-2024-40696 IBM Sterling B2B Integrator cross-site scripting

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...

CVE-2024-47103 IBM Sterling B2B Integrator cross-site scripting

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...

CVE-2024-47103

IBM Sterling B2B Integrator vulnerable to cross-site scripting (CVE-2024-47103) in Standard Edition for versions 6.0.0.0–6.1.2.5 and 6.2.0.0–6.2.0.3. A privileged user can embed arbitrary JavaScript in the Web UI, potentially exposing credentials within a trusted session. IBM’s bulletin cites CVS...

The vulnerability of the Strapi content management system, related to the lack of protective measures for web pages, allows a hacker to execute arbitrary JavaScript code.

The vulnerability of the CMS Strapi content management platform, related to the lack of security measures for web pages. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code by loading a specially crafted PDF file remotely...

CVE-2024-37527

IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

CVE-2023-52292

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure withi...

CVE-2024-37527 IBM OpenPages with Watson cross-site scripting

IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

CVE-2023-46187

IBM InfoSphere Master Data Management 11.6, 12.0, and 14.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

CVE-2024-35145

IBM Maximo Application Suite 9.0.0 - Monitor Component is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

CVE-2023-50309

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

CVE-2023-50309

CVE-2023-50309 affects IBM Sterling B2B Integrator: stored cross-site scripting in the Web UI. Affected versions are 6.0.0.0–6.1.2.5 and 6.2.0.0. The vulnerability can allow an attacker to embed arbitrary JavaScript in the Web UI, potentially leading to credentials disclosure in a trusted session...

CVE-2023-32340

IBM Sterling B2B Integrator is affected by CVE-2023-32340: cross-site scripting in the Web UI affecting versions 6.0.0.0 through 6.1.2.5 and 6.2.0.0. The vulnerability lets an attacker inject arbitrary JavaScript in the Web UI, potentially altering functionality and exposing credentials within a ...

CVE-2023-32340 IBM Sterling B2B Integrator cross-site scripting

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...