CVE-2025-3630 is a stored cross-site scripting (XSS) vulnerability affecting IBM Sterling B2B Integrator versions 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4, as well as IBM Sterling File Gateway in the same version ranges. The vulnerability arises from improper neutralization of input during web page generation (CWE-79), allowing authenticated users to inject arbitrary JavaScript code into the web user interface. Because the malicious script is stored, it can execute whenever a legitimate user accesses the affected page, potentially altering the intended functionality of the application. This can lead to the disclosure of sensitive information such as user credentials within a trusted session. The vulnerability requires the attacker to have authenticated access, but no additional user interaction is needed once the malicious script is stored. The CVSS v3.1 base score is 6.4 (medium severity), with an attack vector of network, low attack complexity, privileges required, no user interaction, and a scope change. The impact affects confidentiality and integrity but not availability. No known exploits are currently reported in the wild, and no patches are linked in the provided data, indicating that remediation may still be pending or in progress. Given the nature of the IBM Sterling B2B Integrator as a critical platform for business-to-business transactions and file exchanges, exploitation of this vulnerability could undermine trust in the platform and lead to unauthorized data disclosure or manipulation within enterprise environments.

For European organizations, the impact of CVE-2025-3630 can be significant, particularly for those relying on IBM Sterling B2B Integrator and Sterling File Gateway for secure and reliable B2B communications and file transfers. Successful exploitation could lead to credential theft, enabling attackers to escalate privileges or move laterally within the network. This could compromise sensitive business data, disrupt supply chain communications, and damage business relationships. The confidentiality breach could also lead to violations of GDPR and other data protection regulations, resulting in legal and financial penalties. Since the vulnerability requires authenticated access, insider threats or compromised accounts pose a heightened risk. The alteration of web UI functionality could also facilitate further attacks or fraud, undermining operational integrity. Given the critical role of these platforms in sectors like manufacturing, logistics, finance, and retail, the vulnerability could have cascading effects on business continuity and reputation.

European organizations should implement the following specific mitigation measures: 1) Immediately audit and monitor user accounts with access to IBM Sterling B2B Integrator and Sterling File Gateway for suspicious activity, focusing on privilege misuse or anomalous behavior. 2) Enforce strong authentication mechanisms, such as multi-factor authentication (MFA), to reduce the risk of account compromise. 3) Apply strict input validation and output encoding on all user-supplied data within the application, if customizations or extensions are used, to prevent injection of malicious scripts. 4) Isolate the affected systems within segmented network zones to limit potential lateral movement if exploitation occurs. 5) Regularly review and update user permissions to follow the principle of least privilege, minimizing the number of users who can inject content into the web UI. 6) Monitor web application logs for unusual script injections or unexpected UI behavior. 7) Engage with IBM support or security advisories to obtain and apply patches or hotfixes as soon as they become available. 8) Conduct security awareness training for users with access to these platforms to recognize and report suspicious activities. These steps go beyond generic advice by focusing on access control, monitoring, and proactive engagement with vendor updates specific to the affected products.