Download
Downloadable File
File link | File size | File description |
---|---|---|
Abstract
IBM WebSphere Application Server is vulnerable to Cross-site Scripting (CVE-2022-22477 CVSS 6.1)
Download Description
![](/support/pages/system/files/support/swg/swgdnld.nsf/0/e2a015e4a866ba248525811c006a745f/Content/0.84.gif)
This fix is superseded by the fix for APAR PH46332. You must download and install the fix for PH50116 to get a complete solution for CVE-2022-22477.
You can also use the Fix Central link later on this page to get a list of all the fixes that include PH46332.
PH46332 resolves the following problem:
ERROR DESCRIPTION:
IBM WebSphere Application Server is vulnerable to Cross-site Scripting (CVE-2022-22477 CVSS 6.1)
PROBLEM SUMMARY:
IBM WebSphere Application Server is vulnerable to Cross-site Scripting (CVE-2022-22477 CVSS 6.1)
PROBLEM CONCLUSION:
Confidential for CVE-2022-22477.
The fix for this APAR is currently targeted for inclusion in fix packs 8.5.5.22 and 9.0.5.13.
For more information, see 'Recommended Updates for WebSphere Application Server':
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
ERROR DESCRIPTION:
IBM WebSphere Application Server is vulnerable to Cross-site Scripting (CVE-2022-22477 CVSS 6.1)
PROBLEM SUMMARY:
IBM WebSphere Application Server is vulnerable to Cross-site Scripting (CVE-2022-22477 CVSS 6.1)
PROBLEM CONCLUSION:
Confidential for CVE-2022-22477.
The fix for this APAR is currently targeted for inclusion in fix packs 8.5.5.22 and 9.0.5.13.
For more information, see 'Recommended Updates for WebSphere Application Server':
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
![](/support/pages/system/files/support/swg/swgdnld.nsf/0/e2a015e4a866ba248525811c006a745f/Content/0.84.gif)
This fix is superseded by the fix for APAR PH46332. You must download and install the fix for PH50116 to get a complete solution for CVE-2022-22477.
You can also use the Fix Central link later on this page to get a list of all the fixes that include PH46332.
Prerequisites
None
Download Package
Important note: WebSphere Application Server and Liberty fix access requires S&S Entitlement in 2021. Use properly registered IDs to download fixes from Fix Central. For information about Fix Central, see What is Fix Central (FC)?.
![](https://www.ibm.com/support/pages/system/files/support/swg/swgtech.nsf/0/291c36701745df5a85257f06006eb66f/Content/0.9600.gif)
|
Problems Solved
PH46332, PH01621
Change History
20 Oct 2022: Superseded fix with PH50116 and removed fix links.
On
Technical Support
Contact IBM Support at https://www.ibm.com/mysupport/ or 1-800-IBM-SERV (US only).
Document Location
Worldwide
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"General","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"8.5;8.5.0.1;8.5.0.2;8.5.5;8.5.5.1;8.5.5.10;8.5.5.11;8.5.5.12;8.5.5.13;8.5.5.14;8.5.5.15;8.5.5.16;8.5.5.17;8.5.5.18;8.5.5.19;8.5.5.2;8.5.5.20;8.5.5.21;8.5.5.3;8.5.5.4;8.5.5.5;8.5.5.6;8.5.5.7;8.5.5.8;8.5.5.9;9.0.0.0;9.0.0.1;9.0.0.10;9.0.0.11;9.0.0.2;9.0.0.3;9.0.0.4;9.0.0.5;9.0.0.6;9.0.0.7;9.0.0.8;9.0.0.9;9.0.5.0;9.0.5.1;9.0.5.10;9.0.5.11;9.0.5.12;9.0.5.2;9.0.5.3;9.0.5.4;9.0.5.5;9.0.5.6;9.0.5.7;9.0.5.8;9.0.5.9","Edition":"Base","Line of Business":{"code":"LOB45","label":"Automation"}}]
Problems (APARS) fixed
Was this topic helpful?
Document Information
Modified date:
20 October 2022
UID
ibm16602629