MEDIUM
IBM
CVE published 2026-03-13
CVE-2025-13702
CVE-2025-13702 is a medium-severity cross-site scripting (XSS) issue in IBM Sterling Partner Engagement Manager. According to the CVE description, an authenticated user can embed arbitrary JavaScript in the Web UI, which can alter intended application behavior and may expose credentials within a trusted session. The CVE was published on 2026-03-13 and later modified on 2026-05-10.