CVE-2025-2793: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
AI Analysis
Technical Summary
CVE-2025-2793 is a medium-severity cross-site scripting (XSS) vulnerability in IBM Sterling B2B Integrator and IBM Sterling File Gateway, affecting versions 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 of both products. The flaw is an instance of CWE-79 (improper neutralization of input during web page generation): data supplied by an authenticated user is written into the web user interface without adequate encoding, so that user can embed arbitrary JavaScript in a page. When another user views that page, the injected script runs in the context of that user's trusted session, where it can alter the intended behavior of the application and potentially disclose credentials. Exploitation therefore requires authenticated access and user interaction by the victim. The CVSS v3.1 base score is 5.4 (medium): network attack vector, low attack complexity, low privileges required and user interaction required. The scope is rated as changed because the injected script executes in the victim's browser, a security authority distinct from the vulnerable web application. No exploitation in the wild is reported at the time of writing, but the vulnerability matters wherever IBM Sterling B2B Integrator or File Gateway are deployed, particularly in business-to-business data exchange scenarios where sensitive information and credentials are handled.
Potential Impact
For European organizations, the impact of this vulnerability can be significant, especially for enterprises relying on IBM Sterling B2B Integrator and File Gateway for secure data exchange and supply chain communications. Exploitation could lead to unauthorized disclosure of credentials, enabling attackers to escalate privileges or move laterally within the network. This could compromise the confidentiality and integrity of sensitive business data and disrupt critical business processes. Given the trusted nature of the sessions and the business-critical role of these products, exploitation could also damage organizational reputation and lead to regulatory compliance issues under GDPR if personal or sensitive data is exposed. The medium severity score reflects that while the vulnerability requires authentication and user interaction, the potential for credential theft and session manipulation within a trusted environment elevates the risk profile for affected organizations.
Mitigation Recommendations
To mitigate this vulnerability, organizations should:
1) Apply any available patches or updates from IBM as soon as they are released. No patch link is recorded in this entry, so monitoring IBM security advisories for the fixed versions is critical.
2) Restrict access to the IBM Sterling B2B Integrator and File Gateway web interfaces to trusted personnel only, with strong authentication mechanisms and network segmentation to limit exposure.
3) Where customization or additional controls are possible, validate user-supplied data on input and apply output encoding appropriate to the context (HTML body, attribute, JavaScript) wherever that data is written into a page.
4) Monitor web application logs and user activity for unusual behavior indicative of XSS exploitation attempts.
5) Educate authenticated users about the risks of interacting with unexpected or suspicious content within the application interface.
6) Employ Content-Security-Policy (CSP) headers to reduce the impact of a successful injection by restricting the execution of unauthorized scripts, for example by disallowing inline script unless it carries a per-response nonce or hash.
7) Conduct regular security assessments and penetration testing focused on web interface vulnerabilities to detect similar issues proactively.
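As an added illustration of recommendations 3 and 6 (example code written for this page, not code from IBM or from the advisory), the following Python renders an untrusted field with context-appropriate HTML encoding, builds a nonce-based CSP header, and flags the weak script-src settings such a header must avoid. The sample display name is constructed; the function names are this example's own.

```python
import html
import secrets

# Constructed sample: a display name an authenticated user can set, carrying
# markup and an inline event handler. Fabricated for this example only.
USER_SUPPLIED_NAME = '<img src=x onerror="alert(1)"> Partner "Acme" & Co'


def render_profile_row(name: str) -> str:
    """Write untrusted text into an HTML table cell and a title attribute.

    html.escape(quote=True) neutralizes < > & " and ', so the value is shown
    as text in both the element-body and the quoted-attribute context.
    """
    safe = html.escape(name, quote=True)
    return f'<tr><td title="{safe}">{safe}</td></tr>'


def new_nonce() -> str:
    """Fresh per-response nonce; must not be reused across responses."""
    return secrets.token_urlsafe(16)


def build_csp(nonce: str) -> str:
    """Restrictive CSP: only scripts carrying the nonce may run, so injected
    inline handlers and javascript: URLs are blocked even if encoding is missed."""
    return ("default-src 'self'; "
            f"script-src 'self' 'nonce-{nonce}'; "
            "object-src 'none'; base-uri 'self'; frame-ancestors 'self'")


def csp_weaknesses(policy: str) -> list[str]:
    """Return findings for script-src settings that leave an XSS exploitable."""
    directives = {}
    for part in policy.split(";"):
        tokens = part.split()
        if tokens:
            directives[tokens[0].lower()] = [t.strip("'\"").lower() for t in tokens[1:]]
    script_src = directives.get("script-src", directives.get("default-src"))
    if script_src is None:
        return ["no script-src or default-src: scripts unrestricted"]
    findings = []
    # 'unsafe-inline' is ignored by CSP3 browsers only when a nonce/hash is present.
    if "unsafe-inline" in script_src and not any(
            s.startswith(("nonce-", "sha256-", "sha384-", "sha512-")) for s in script_src):
        findings.append("'unsafe-inline' in script-src without nonce/hash")
    if "*" in script_src or "data:" in script_src:
        findings.append("wildcard or data: scheme allowed in script-src")
    if "object-src" not in directives and "default-src" not in directives:
        findings.append("object-src unset with no default-src fallback")
    return findings
```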
Affected Countries
Germany, United Kingdom, France, Netherlands, Italy, Spain, Belgium
Technical Details
- Data Version: 5.1
- Assigner Short Name: ibm
- Date Reserved: 2025-03-25T15:10:58.467Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 686d34a96f40f0eb72f7c594
Added to database: 7/8/2025, 3:09:29 PM
Last enriched: 8/25/2025, 12:44:30 AM
Last updated: 9/18/2025, 1:25:46 PM