N/A

Cross-site scripting (XSS) vulnerability in Sterling Order Management 8.5 before HF113, Sterling Selling and Fulfillment Foundation 9.0.0 before FP92, and Sterling Field Sales (SFS) 9.0 before HF7 in IBM Sterling Selling and Fulfillment Suite allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

N/A

N/A

IBM Sterling Selling and Fulfillment Suite 跨站脚本漏洞

IBM Sterling Order Management ,Sterling Selling and Fulfillment Foundation ,and Sterling Field Sales都是美国IBM公司的订单管理软件。该软件能够协调跨客户、供应商和合作伙伴动态业务网络的跨渠道销售和订单实现过程。 IBM Sterling Selling and Fulfillment Suite中的多款产品存在跨站脚本漏洞。远程攻击者可借助特制的URL利用该漏洞注入任意Web脚本或HTML。以下产品及版本

N/A

N/A