Lucene search
China National Vulnerability DatabaseCNVD-2021-78435HistoryOct 09, 2021 - 12:00 a.m.
IBM Sterling File Gateway Cross-Site Scripting Vulnerability (CNVD-2021-78435)
2021-10-0900:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
ibm sterling file gateway
cross-site scripting
vulnerability
web ui
credential disclosure
EPSS
0.001
Percentile
29.8%
IBM Sterling File Gateway is an application for transferring files between internal and external partners, allowing you to more securely and reliably transfer files with trading partners.IBM Sterling File Gateway versions 2.2.0.0-5.2.6.5_3, 6.0.0.0-6.0.0.6, 6.0 .1.0-6.0.3.4, and 6.1.0.0-6.1.0.1 versions are vulnerable to cross-site scripting. An attacker could exploit the vulnerability to embed arbitrary JavaScript code in the Web UI, which could alter the intended functionality, which could lead to credential disclosure in a trusted session.
Related
cvelist
cvelist
CVE-2021-20481
2021-10-07 18:05:50
nvd
nvd
CVE-2021-20481
2021-10-07 18:15:08
cve
cve
CVE-2021-20481
2021-10-07 18:15:08
ibm
ibm
prion
prion
Cross site scripting
2021-10-07 18:15:00