EUVD-2022-27563

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

IBM Sterling Partner Engagement Manager is vulnerable to cross-site scripting leading to credentials exposure.

Reporter	Title	Published	Views	Family All 9
IBM Security Bulletins	Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to reflected cross-site scripting (CVE-2022-22417)	18 Jul 202211:48	–	ibm
ATTACKERKB	CVE-2022-22417	18 Jul 202200:00	–	attackerkb
Circl	CVE-2022-22417	19 Jul 202220:40	–	circl
CNNVD	IBM Sterling Partner Engagement Manager 跨站脚本漏洞	19 Jul 202200:00	–	cnnvd
CNVD	IBM Sterling Partner Engagement Manager Cross-Site Scripting Vulnerability	21 Jul 202200:00	–	cnvd
CVE	CVE-2022-22417	19 Jul 202216:25	–	cve
Cvelist	CVE-2022-22417	19 Jul 202216:25	–	cvelist
NVD	CVE-2022-22417	19 Jul 202217:15	–	nvd
Prion	Cross site scripting	19 Jul 202217:15	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "46878010-b6fa-332f-9bec-024b00ee6451",
        "vendor": {
          "name": "IBM"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "09b09dbd-670b-3436-b1d5-6df1fcec367b",
        "product": {
          "name": "Sterling Partner Engagement Manager"
        },
        "product_version": "6.2"
      },
      {
        "id": "b4d1d688-11a5-3c44-b2ea-cc778667cf13",
        "product": {
          "name": "Sterling Partner Engagement Manager on Cloud"
        },
        "product_version": "22.2"
      },
      {
        "id": "d18ea023-75f2-31b7-ba83-74395940c985",
        "product": {
          "name": "Sterling Partner Engagement Manager"
        },
        "product_version": "6.1.2"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/6604991
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/223127

03 Oct 2025 20:07Current

5.7Medium risk

Vulners AI Score5.7

CVSS 35.4

CVSS 3.15.4

EPSS0.00121