CVE-2025-3630 Information

Jul 09, 2025 cve

Description

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6 6.2.0.0 through 6.2.0.4 IBM Sterling File Gateway

6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4

is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Reference

https://www.ibm.com/support/pages/node/7239095

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

CHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

NONE

Base Severity

6.4

CNNVD-202507-1013 (Published: 2025-07-08)

Share on: