{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-07T00:30:01.905","vulnerabilities":[{"cve":{"id":"CVE-2025-14504","sourceIdentifier":"psirt@us.ibm.com","published":"2026-03-13T19:53:50.133","lastModified":"2026-03-20T19:19:02.197","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, 6.2.1.0 through 6.2.1.1_1, and 6.2.2.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."},{"lang":"es","value":"IBM Sterling B2B Integrator e IBM Sterling File Gateway 6.1.0.0 hasta 6.1.2.7_2, 6.2.0.0 hasta 6.2.0.5_1, 6.2.1.0 hasta 6.2.1.1_1, y 6.2.2.0 son vulnerables a cross-site scripting. Esta vulnerabilidad permite a un usuario autenticado incrustar código JavaScript arbitrario en la interfaz de usuario web, alterando así la funcionalidad prevista y lo que podría llevar a la divulgación de credenciales dentro de una sesión de confianza."}],"metrics":{"cvssMetricV31":[{"source":"psirt@us.ibm.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"psirt@us.ibm.com","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:sterling_b2b_integrator:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.0.0","versionEndExcluding":"6.1.2.8","matchCriteriaId":"CF5BFBAA-B7B6-43FC-893D-F62E8AC28673"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:sterling_b2b_integrator:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2.0.0","versionEndExcluding":"6.2.0.5_2","matchCriteriaId":"0F026F01-EF66-4E43-A081-F1B2C7C87904"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:sterling_b2b_integrator:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2.1.0","versionEndExcluding":"6.2.1.1_2","matchCriteriaId":"0D31014C-F7D8-4B69-AB89-2A6AEAB7B667"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:sterling_b2b_integrator:6.2.2.0:*:*:*:*:*:*:*","matchCriteriaId":"E8CC6F03-A96D-4D0F-A846-890006E405A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:sterling_file_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.0.0","versionEndExcluding":"6.1.2.8","matchCriteriaId":"00C60634-AE0C-4641-B645-0D0511A0070C"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:sterling_file_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2.0.0","versionEndExcluding":"6.2.0.5_2","matchCriteriaId":"98CB35E7-789A-44B3-86E3-6F2A0CE56D4F"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:sterling_file_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2.1.0","versionEndExcluding":"6.2.1.1_2","matchCriteriaId":"4AD23AED-25F6-45AB-93DD-FC1864431290"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:sterling_file_gateway:6.2.2.0:*:*:*:*:*:*:*","matchCriteriaId":"C2813946-2022-4789-9285-25E576E49609"}]}]}],"references":[{"url":"https://www.ibm.com/support/pages/node/7263327","source":"psirt@us.ibm.com","tags":["Vendor Advisory"]}]}}]}