CVE-2025-1349 is a stored cross-site scripting (XSS) vulnerability affecting IBM Sterling B2B Integrator and IBM Sterling File Gateway versions 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4. This vulnerability arises from improper neutralization of input during web page generation (CWE-79), allowing a privileged user to inject arbitrary JavaScript code into the web user interface. Because the injected script is stored and executed within the context of the trusted application session, it can alter intended functionality and potentially lead to the disclosure of sensitive information such as user credentials. The vulnerability requires a privileged user to exploit, meaning that an attacker must already have elevated access to the system to embed malicious scripts. The CVSS v3.1 base score is 5.5 (medium severity), with the vector indicating network attack vector (AV:N), low attack complexity (AC:L), high privileges required (PR:H), no user interaction (UI:N), scope changed (S:C), and impacts on confidentiality and integrity (C:L/I:L) but no impact on availability (A:N). No known exploits are currently reported in the wild, and no patches are linked in the provided data, suggesting that remediation may require vendor updates or configuration changes. The vulnerability affects critical business-to-business integration platforms used for secure data exchange and file transfers, which are often integral to enterprise supply chain and partner communications.

For European organizations, this vulnerability poses a significant risk primarily in environments where IBM Sterling B2B Integrator or File Gateway are deployed to manage sensitive business transactions and partner data exchanges. Exploitation could lead to unauthorized disclosure of credentials or session tokens within trusted sessions, enabling attackers to escalate privileges or move laterally within the network. This could compromise the confidentiality and integrity of critical business data and disrupt secure communications with partners. Given the privileged user requirement, insider threats or compromised administrative accounts are the most likely vectors. The impact is heightened in sectors with stringent data protection regulations such as GDPR, where data breaches can result in severe legal and financial penalties. Additionally, disruption or manipulation of B2B integrations can affect supply chain reliability, impacting operational continuity and customer trust.

To mitigate this vulnerability, European organizations should: 1) Restrict and monitor privileged user access rigorously, implementing least privilege principles and strong authentication mechanisms such as multi-factor authentication (MFA) to reduce the risk of insider threats or compromised accounts. 2) Conduct thorough input validation and output encoding on all user-supplied data within the IBM Sterling B2B Integrator UI to prevent injection of malicious scripts. 3) Apply any available vendor patches or updates promptly once released by IBM. 4) Implement Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts within the web interface. 5) Regularly audit and review logs for suspicious activities related to UI modifications or script injections. 6) Educate administrators and privileged users about the risks of XSS and safe usage practices. 7) Consider network segmentation to isolate B2B integration platforms from general user networks to limit exposure.