CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Description
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, 6.2.1.0 through 6.2.1.1_1, and 6.2.2.0 are vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session.
Analysis
This is a stored cross-site scripting (XSS) vulnerability in IBM Sterling B2B Integrator and IBM Sterling File Gateway that allows authenticated users to inject arbitrary JavaScript into the Web UI, potentially compromising session security and enabling credential theft. The vulnerability affects versions 6.1.0.0 through 6.2.2.0 across multiple minor version ranges, and while not yet listed as actively exploited in known vulnerability databases, the authentication requirement and UI-based attack surface present a moderate real-world risk for enterprises running these B2B integration platforms.
Technical Context
The vulnerability is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation), which indicates the Web UI components of IBM Sterling B2B Integrator and File Gateway fail to properly sanitize or escape user-supplied input before rendering it in HTML contexts. These products serve as integration hubs for B2B workflows and file transfer operations, making the Web UI a critical administrative interface. The affected CPE strings are cpe:2.3:a:ibm:sterling_b2b_integrator and cpe:2.3:a:ibm:sterling_file_gateway, with the vulnerability present in the 6.1.x and 6.2.x release branches. The root cause is likely insufficient input validation or output encoding in one or more Web UI components that accept and reflect user-controlled data without proper HTML entity encoding or Content Security Policy enforcement.
Affected Products
IBM Sterling B2B Integrator and IBM Sterling File Gateway are affected across the following version ranges: 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, 6.2.1.0 through 6.2.1.1_1, and 6.2.2.0. These products are identified by CPE strings cpe:2.3:a:ibm:sterling_b2b_integrator and cpe:2.3:a:ibm:sterling_file_gateway respectively. The vulnerability has been officially documented in the IBM Security Advisory, which provides the authoritative list of impacted versions and patched releases. Organizations running any version within these ranges should prioritize verification of their installed versions against this list.
Remediation
IBM has released patched versions addressing this vulnerability; upgrade IBM Sterling B2B Integrator and IBM Sterling File Gateway to versions released after 6.2.2.0 or apply the specific patches identified in the IBM Security Advisory (available through IBM's security portal). For organizations unable to patch immediately, the following network-level mitigations reduce exposure. Restrict Web UI access to trusted administrative IP ranges via firewall rules. Enforce network segmentation to limit lateral movement from a compromised administrative account. Place a reverse proxy in front of the Web UI that sets strong Content Security Policy headers (frame-ancestors and script-src directives) to limit the impact of injected JavaScript. Enable Web UI session logging and anomaly detection to identify malicious script injection attempts. Strengthen authentication with multi-factor authentication for administrative accounts to raise the bar for authenticated attacks. Additionally, review Web UI access logs for evidence of stored XSS injection attempts using patterns such as script tags, event handlers, and JavaScript protocol schemes.
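As an added illustration of the access-log review recommended above (example code written for this page, not code from IBM or vuln.today), the following Python scans constructed common-log-format lines for the three indicator classes named in the remediation text. The log layout, paths, user names and the handler subset are assumptions, not details from the advisory.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample lines in common log format (authenticated user in field 3);
# they are illustrative only and not taken from a real Sterling deployment.
SAMPLE_LOG = """\
10.0.0.5 - admin [12/Jan/2025:10:01:02 +0000] "POST /dashboard/profile?nickname=Alice HTTP/1.1" 200 512
10.0.0.7 - bob [12/Jan/2025:10:02:11 +0000] "POST /dashboard/profile?nickname=Bob%3Cscript%3E HTTP/1.1" 200 512
10.0.0.9 - carol [12/Jan/2025:10:03:30 +0000] "GET /dashboard/search?q=report%20onload%3D HTTP/1.1" 200 2048
10.0.0.9 - carol [12/Jan/2025:10:04:01 +0000] "POST /dashboard/link?url=javascript%3Avoid(0) HTTP/1.1" 200 128
10.0.0.3 - dave [12/Jan/2025:10:05:44 +0000] "GET /dashboard/search?q=javascript%20tutorial HTTP/1.1" 200 4096
"""

LOG_LINE = re.compile(r'^(\S+) \S+ (\S+) \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')

# The three indicator classes the advisory names. The event-handler list is an
# assumed subset of common handlers, kept short to limit false positives.
INDICATORS = {
    "script_tag": re.compile(r"<\s*/?\s*script\b", re.I),
    "event_handler": re.compile(r"\bon(load|error|click|mouseover|focus|blur|submit|input)\s*=", re.I),
    "javascript_scheme": re.compile(r"javascript\s*:", re.I),
}


def decode_request(path: str, rounds: int = 2) -> str:
    """Percent-decode repeatedly so double-encoded input is also inspected."""
    for _ in range(rounds):
        decoded = unquote_plus(path)
        if decoded == path:
            break
        path = decoded
    return path


def scan_access_log(text: str) -> list[dict]:
    """Return one finding per request whose decoded URL carries an XSS indicator."""
    findings = []
    for line in text.splitlines():
        m = LOG_LINE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        client, user, ts, method, path, status = m.groups()
        decoded = decode_request(path)
        hits = [name for name, rx in INDICATORS.items() if rx.search(decoded)]
        if hits:
            findings.append({"client": client, "user": user, "time": ts,
                             "method": method, "path": decoded, "indicators": hits})
    return findings


if __name__ == "__main__":
    for f in scan_access_log(SAMPLE_LOG):
        print(f"{f['time']} {f['user']}@{f['client']} {f['method']} {f['path']} -> {f['indicators']}")
```

The last sample line shows why the scheme check requires the colon: a plain search for the word "javascript" produces no finding, while the three encoded injection attempts are each attributed to the authenticated account that sent them.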
EUVD-2025-208664