← back
CVE-2018-1563

CVE-2018-1563

CVSS 5.4 MEDIUMEPSS 2.8%
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142967.
CVSS:3.0/A:N/AC:L/AV:N/C:L/I:L/PR:L/S:C/UI:R/E:H/RC:C/RL:O
Affected products
IBM · Sterling File Gateway
public PoCs found2
cve_referencewww.exploit-db.com/exploits/45190/unverifiedexploitdbwww.exploit-db.com/exploits/45190unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/142967https://www.exploit-db.com/exploits/45190/http://www.ibm.com/support/docview.wss?uid=ibm10717031http://www.securityfocus.com/bid/104910