SAP Knowledge Base Article - Preview

3195635 - FAQ for SAP Security Note 3145046-[CVE-2022-27656] Cross-Site Scripting (XSS) vulnerability in administration UI


You are interested in further details related to the SAP Note SAP Note 3145046 -[CVE-2022-27656] Cross-Site Scripting (XSS) vulnerability in administration UI of SAP Webdispatcher and SAP Netweaver AS for ABAP and Java (ICM).

  1. Which components or scenarios are affected?

  2. Applying the Kernel Patch

  3. Using a workaround instead of a Kernel Patch



  • Operating System independent
  • SAP NetWeaver
  • ABAP Platform
  • SAP Web Dispatcher 


stored XSS, CSS, CVE-2022-27656, Web admin, Administration UI , KBA , BC-CST-WDP , Web Dispatcher , BC-CST-IC , Internet Communication Manager , How To

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.