APAR status
Closed as program error.
Error description
Cross-Site Scripting Vulnerability in Sterling File Gateway page when replaying the files.
Local fix
B2BISFG-52369
Problem summary
Users Affected: All Problem Description: Cross-Site Scripting when replaying a file adds a script as part of the comment in the replay dialog box. When hovering over the comment, the script can get executed. Platforms Affected: All
Problem conclusion
Resolution Summary: A code fix is provided. Delivered in: 5020603_15 6000005 5020605_3 6000303 6000203 6010001 6000006 5020603_15 5020605_4
Temporary fix
Comments
APAR Information
APAR number
IT32906
Reported component name
STR FILE GATEWA
Reported component ID
5725D0700
Reported release
226
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2020-05-18
Closed date
2020-06-30
Last modified date
2021-05-21
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
STR FILE GATEWA
Fixed component ID
5725D0700
Applicable component levels
[{"Line of Business":{"code":"LOB02","label":"AI Applications"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS4TGX","label":"IBM Sterling File Gateway"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"2.2"}]
Document Information
Modified date:
22 May 2021