CNNVD-202601-3213 Information
Jan 20, 2026
cve
CNNVD ID
CNNVD-202601-3213
Related CVE
- CNNVD Published: 2026-01-20
Description (Chinese)
IBM Sterling Connect:Express Adapter for Sterling是美国国际商业机器(IBM)公司的一个通信适配器。 IBM Sterling Connect:Express Adapter for Sterling 5.2.0.00版本至5.2.0.12版本存在跨站脚本漏洞,该漏洞源于经过身份验证的用户可在Web UI中嵌入任意JavaScript代码,可能导致凭据泄露。
Description (English)
IBM Sterling Connect: Express Adapter for Sterling is a communications adapter for the United States International Business Machine (IBM). IBM Sterling Connect: Express Atlas for Sterling 5.2.0.00 to 5.2.0.12 contains a cross-site script loophole, which stems from the fact that an identified user can embed any JavaScript code in Web UI, which could lead to a leaking of evidence.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
国际商业机器
Published
2026-01-20
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7257244
Patch
https://www.ibm.com/support/pages/node/7257244
Share on: