1071 matches found
CVE-2025-13702
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...
CVE-2025-13702 IBM Sterling Partner Engagement Manager Cross-Site Scripting
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...
CVE-2025-13702
CVE-2025-13702 affects IBM Sterling Partner Engagement Manager, versions 6.2.3.0–6.2.3.5 and 6.2.4.0–6.2.4.2. The issue is a cross-site scripting (XSS) vulnerability that allows an authenticated user to embed arbitrary JavaScript in the Web UI, potentially altering functionality and leading to cr...
CVE-2025-13718 IBM Sterling Partner Engagement Manager Information Disclosure
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors...
CVE-2025-13718 IBM Sterling Partner Engagement Manager Information Disclosure
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors...
CVE-2025-13718
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors...
CVE-2025-13718
IBM Sterling Partner Engagement Manager versions 6.2.3.0–6.2.3.5 and 6.2.4.0–6.2.4.2 are affected by an information disclosure vulnerability that could allow a remote attacker to obtain sensitive data in cleartext over a network channel that can be sniffed. The root cause and exact technical deta...
CVE-2025-13723
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive user information using an expired access token...
CVE-2025-13723 IBM Sterling Partner Engagement Manager Information Disclosure
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive user information using an expired access token...
CVE-2025-13723 IBM Sterling Partner Engagement Manager Information Disclosure
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive user information using an expired access token...
CVE-2025-13723
IBM Sterling Partner Engagement Manager (Essentials and Standard Editions) versions 6.2.3.0–6.2.3.5 and 6.2.4.0–6.2.4.2 are affected by a vulnerability that could allow an attacker to obtain sensitive user information via expired access tokens. Root cause described in Red Hat and NVD records is a...
CVE-2025-13726 IBM Sterling Partner Engagement Manager Information Disclosure
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information when detailed technical error messages are returned. This information could be used in further attacks against the system...
CVE-2025-13726 IBM Sterling Partner Engagement Manager Information Disclosure
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information when detailed technical error messages are returned. This information could be used in further attacks against the system...
CVE-2025-13726
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information when detailed technical error messages are returned. This information could be used in further attacks against the system...
CVE-2025-13726
IBM Sterling Partner Engagement Manager versions 6.2.3.0–6.2.3.5 and 6.2.4.0–6.2.4.2 are affected by an information disclosure vulnerability where detailed technical error messages may reveal sensitive data to a remote attacker. The provided documents consistently describe the impact as informati...
CVE-2025-14811 IBM Sterling Partner Engagement Manager Information Disclosure
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the middle techniques...
CVE-2025-14811
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the middle techniques...
CVE-2025-14811 IBM Sterling Partner Engagement Manager Information Disclosure
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the middle techniques...
CVE-2025-14811
IBM Sterling Partner Engagement Manager (Essentials: 6.2.3.0–6.2.3.5; 6.2.4.0–6.2.4.2; Standard: 6.2.3.0–6.2.3.5; 6.2.4.0–6.2.4.2) contains an information disclosure vulnerability. An attacker could obtain sensitive information from the query string of HTTP GET requests, potentially leveraging ma...
PT-2026-25345
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...