Improper input validation in Ibm Sterling_b2b_integrator

CVE-2013-5411

IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote attackers to inject links and trigger unintended navigation or actions via unspecified vectors.

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.002 (48.2th percentile) — read the EPSS interpretation.

Affected products

Ibm Sterling_b2b_integrator — versions 5.2
Ibm Sterling_file_gateway — versions 2.2
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

ibm-sterling-cve20135411-link-inj(87360) (vdb-entry, x_refsource_XF)
psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
IC96059 (vendor-advisory, x_refsource_AIXAPAR)