Unrated severityNVD Advisory· Published Apr 21, 2014· Updated Jun 17, 2026
CVE-2014-0932
CVE-2014-0932
Description
Cross-site scripting (XSS) vulnerability in IBM Sterling Order Management 8.5 before HF105 and Sterling Selling and Fulfillment Foundation 9.0 before HF85 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Affected products
4cpe:2.3:a:ibm:sterling_order_management:8.5:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ibm:sterling_order_management:8.5:*:*:*:*:*:*:*
- (no CPE)range: 8.5 < HF105
cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.0:*:*:*:*:*:*:*
- (no CPE)range: 9.0 < HF85
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.