Skip to main content

Sterling Order Management

3 CVEs product

Monthly

CVE-2021-20554 MEDIUM PATCH This Month

IBM Sterling Order Management 9.4, 9.5, and 10.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

IBM XSS Sterling Order Management
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2015-1911 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Sterling Order Management 8.5 before HF113, Sterling Selling and Fulfillment Foundation 9.0.0 before FP92, and Sterling Field Sales (SFS) 9.0 before HF7 in. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

IBM XSS Sterling Field Sales Sterling Order Management Sterling Selling And Fulfillment Foundation
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2014-0932 LOW Monitor

Cross-site scripting (XSS) vulnerability in IBM Sterling Order Management 8.5 before HF105 and Sterling Selling and Fulfillment Foundation 9.0 before HF85 allows remote authenticated users to inject. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Sterling Order Management Sterling Selling And Fulfillment Foundation
NVD VulDB
CVSS 2.0
3.5
EPSS
0.2%
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

IBM Sterling Order Management 9.4, 9.5, and 10.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

IBM XSS Sterling Order Management
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Sterling Order Management 8.5 before HF113, Sterling Selling and Fulfillment Foundation 9.0.0 before FP92, and Sterling Field Sales (SFS) 9.0 before HF7 in. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

IBM XSS Sterling Field Sales +2
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Cross-site scripting (XSS) vulnerability in IBM Sterling Order Management 8.5 before HF105 and Sterling Selling and Fulfillment Foundation 9.0 before HF85 allows remote authenticated users to inject. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Sterling Order Management +1
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy