CNNVD-202601-3214 Information
Jan 20, 2026
cve
CNNVD ID
CNNVD-202601-3214
Related CVE
- CNNVD Published: 2026-01-20
Description (Chinese)
IBM Sterling Connect:Express Adapter for Sterling是美国国际商业机器(IBM)公司的一个通信适配器。 IBM Sterling Connect:Express Adapter for Sterling 5.2.0.00版本至5.2.0.12版本存在跨站脚本漏洞,该漏洞源于未经验证的攻击者可在Web UI中嵌入任意JavaScript代码,可能导致凭据泄露。
Description (English)
IBM Sterling Connect: Express Adapter for Sterling is a communications adapter for the United States International Business Machine (IBM). IBM Sterling Contact: Express Atlas for Sterling 5.2.0.00 to 5.2.0.12 has a cross-site script loophole, which stems from the fact that unverified assailants can embed any JavaScript code in Web UI, which could lead to the release of evidence.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
国际商业机器
Published
2026-01-20
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7257244
Patch
https://www.ibm.com/support/pages/node/7257244
Share on: