Vulnerability Description
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Sterling B2B Integrator | >= 6.0.0.0, < 6.1.2.7_1 |
| Ibm | Sterling File Gateway | >= 6.0.0.0, < 6.1.2.7_1 |
| Ibm | Aix | - |
| Linux | Linux Kernel | - |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://www.ibm.com/support/pages/node/7239095Vendor Advisory
FAQ
What is CVE-2025-3630?
CVE-2025-3630 is a vulnerability with a CVSS score of 6.4 (MEDIUM). IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 is vulnerable to stored cross-site scrip...
How severe is CVE-2025-3630?
CVE-2025-3630 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-3630?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Sterling B2B Integrator, Ibm Sterling File Gateway, Ibm Aix, Linux Linux Kernel, Microsoft Windows.