CVE-2025-2793: XSS Vulnerability in IBM Sterling B2B Integrator and File Gateway

IBM Sterling B2B Integrator and File Gateway are widely used platforms for managing business-to-business transactions and file transfers. A recently discovered vulnerability, CVE-2025-2793, poses a risk of cross-site scripting (XSS) attacks.

Vulnerability Details

CVE ID: CVE-2025-2793
Description: IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 are vulnerable to cross-site scripting. This allows an authenticated user to inject arbitrary JavaScript code in the Web UI, potentially leading to credentials disclosure within a trusted session.
CVSS Score: 5.4 (Medium)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVSS Explanation:
- AV:N (Network): The attack can be launched remotely.
- AC:L (Low): The attack complexity is low, meaning it's relatively easy to exploit.
- PR:L (Low): The attacker needs low-level privileges to perform the attack.
- UI:R (Required): User interaction is required (e.g., clicking a malicious link).
- S:C (Changed): The vulnerability can affect other components beyond the initially vulnerable one.
- C:L (Low): Limited impact on confidentiality.
- I:L (Low): Limited impact on integrity.
- A:N (None): No impact on availability.
Exploit Requirements: An authenticated user must be able to interact with the Web UI. The attacker requires the victim to interact with the injected script.
Affected Vendor: IBM
Affected Product: Sterling B2B Integrator, Sterling File Gateway
Affected Versions: 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4
CWE: CWE-79 (Cross-Site Scripting)
CWE Explanation: Cross-Site Scripting (XSS) occurs when a web application includes user-provided data in its output without proper validation or escaping. This allows attackers to inject malicious scripts into the web pages viewed by other users.

Timeline of Events

2025-07-08: CVE-2025-2793 published.

Exploitability & Real-World Risk

The XSS vulnerability in IBM Sterling B2B Integrator and File Gateway could be exploited by an attacker with valid credentials to inject malicious JavaScript code into the Web UI. If successful, this can lead to session hijacking, credential theft, or the execution of arbitrary code within the user's browser. Given the sensitive nature of data handled by these platforms, the risk is significant. Attackers might target administrators to gain higher privileges within the system.

Recommendations

Apply the latest patches and updates provided by IBM.
Ensure proper input validation and output encoding are implemented in the Web UI.
Educate users about the risks of clicking on suspicious links or interacting with untrusted content.
Monitor web application logs for any suspicious activity.

Technical Insight

The vulnerability likely stems from insufficient input validation when handling user-provided data in the Web UI. By injecting carefully crafted JavaScript code, an attacker can execute arbitrary code in the context of a user's browser session, potentially compromising sensitive data or gaining unauthorized access to the system. Proper escaping and sanitization of user inputs is crucial to prevent XSS vulnerabilities.

Credit to Researcher(s)

Details regarding the researcher or organization responsible for discovering the vulnerability were not available at the time of writing. Please refer to the IBM advisory for potential updates.

CVE-2025-2793: Cross-Site Scripting Vulnerability in IBM Sterling B2B Integrator and File Gateway

CVE-2025-2793: XSS Vulnerability in IBM Sterling B2B Integrator and File Gateway

Vulnerability Details

Timeline of Events

Exploitability & Real-World Risk

Recommendations

Technical Insight

Credit to Researcher(s)

References

Tags

Timeline

References

Post a Comment

Contact Form