Sterling Connectexpress Adapter For Sterling B2b Integrator 520 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (5 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-36063	1 Ibm	2 Sterling Connect\, Sterling Connectexpress Adapter For Sterling B2b Integrator 520	2026-02-05	6.3 Medium
IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 does not invalidate session after a logout which could allow an authenticated user to impersonate another user on the system.
CVE-2025-36065	1 Ibm	2 Sterling Connect\, Sterling Connectexpress Adapter For Sterling B2b Integrator 520	2026-02-03	6.3 Medium
IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 does not invalidate session after a browser closure which could allow an authenticated user to impersonate another user on the system.
CVE-2025-36066	1 Ibm	2 Sterling Connect\, Sterling Connectexpress Adapter For Sterling B2b Integrator 520	2026-02-03	6.1 Medium
IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2025-36113	1 Ibm	2 Sterling Connect\, Sterling Connectexpress Adapter For Sterling B2b Integrator 520	2026-02-03	5.4 Medium
IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2025-36115	1 Ibm	2 Sterling Connect\, Sterling Connectexpress Adapter For Sterling B2b Integrator 520	2026-02-03	6.3 Medium
IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0.00 through 5.2.0.12 does not disallow the session id after use which could allow an authenticated user to impersonate another user on the system.

Page 1 of 1.