CVE-2022-22427: XSS
First published: Wed Apr 27 2022(Updated: )
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 223720.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ibm Infosphere Information Server | =11.7 | |
| <=11.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for IBM InfoSphere Information Server?
The vulnerability ID for IBM InfoSphere Information Server is CVE-2022-22427.
What is the severity level of CVE-2022-22427?
The severity level of CVE-2022-22427 is medium with a CVSS score of 6.1.
What is the affected software version for CVE-2022-22427?
The affected software version for CVE-2022-22427 is IBM InfoSphere Information Server 11.7.
What is the impact of CVE-2022-22427?
CVE-2022-22427 allows users to embed arbitrary JavaScript code in the Web UI, potentially leading to credentials disclosure within a trusted session.
How can I fix CVE-2022-22427?
To fix CVE-2022-22427, apply the patch provided by IBM at [link to patch].
- collector/nvd-index
- agent/type
- agent/references
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- vendor/ibm
- canonical/ibm infosphere information server
- version/ibm infosphere information server/11.7