Download
Downloadable File
| File link | File size | File description |
|---|---|---|
Abstract
IBM WebSphere Application Server Liberty is affected by a stored cross-site scripting vulnerability (CVE-2025-36000 CVSS 4.4)
Download Description
PH66669 resolves the following problem:
ERROR DESCRIPTION:
IBM WebSphere Application Server Liberty is affected by a stored cross-site scripting vulnerability (CVE-2025-36000 CVSS 4.4)
LOCAL FIX:
PROBLEM SUMMARY:
Confidential for Security Integrity interim fix CVE-2025-36000.
PROBLEM CONCLUSION:
Confidential for CVE-2025-36000.
The fix for this APAR is targeted for inclusion in25.0.0.9.
For more information, see Recommended Updates for WebSphere Application Server:
https://www.ibm.com/support/pages/node/715553
ERROR DESCRIPTION:
IBM WebSphere Application Server Liberty is affected by a stored cross-site scripting vulnerability (CVE-2025-36000 CVSS 4.4)
LOCAL FIX:
PROBLEM SUMMARY:
Confidential for Security Integrity interim fix CVE-2025-36000.
PROBLEM CONCLUSION:
Confidential for CVE-2025-36000.
The fix for this APAR is targeted for inclusion in
For more information, see Recommended Updates for WebSphere Application Server:
https://www.ibm.com/support/pages/node/715553
Prerequisites
None
Download Package
IMPORTANT NOTE: | WebSphere Application Server and Liberty fix access requires S&S Entitlement beginning in 2021. Use properly registered IDs to download the fixes in this table. Signature file is provided along with interim fix. See Verifying WebSphere Application Server release packages and Verifying Liberty release packages. |
| DOWNLOAD | RELEASE DATE | URL |
|---|---|---|
| 24.0.0.6-WS-WLP-IFPH66669 | 20 November 2025 | FC |
| 24.0.0.12-WS-WLP-IFPH66669 | 09 September 2025 | FC |
| 25.0.0.3-WS-WLP-IFPH66669 | 07 August 2025 | FC |
| 25.0.0.6-WS-WLP-IFPH66669 | 07 August 2025 | FC |
| 25.0.0.8-WS-WLP-IFPH66669 | 07 August 2025 | FC |
| 24006-wlp-archive-IFPH66669 | 20 November 2025 | FC |
| 240012-wlp-archive-IFPH66669 | 09 September 2025 | FC |
| 25003-wlp-archive-IFPH66669 | 07 August 2025 | FC |
| 25006-wlp-archive-IFPH66669 | 07 August 2025 | FC |
| 25008-wlp-archive-IFPH66669 | 07 August 2025 | FC |
Note: FC stands for Fix Central. Review the What is Fix Central (FC)? FAQs for more details.
Problems Solved
PH66669
Change History
09 September 2025: Added fix for 24.0.0.12.
20 November 2025: Added fix for 24.0.0.6.
On
Technical Support
Contact IBM Support at https://www.ibm.com/mysupport/ or 1-800-IBM-SERV (US only).
Document Location
Worldwide
[{"Type":"MASTER","Line of Business":{"code":"LOB77","label":"Automation Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"ARM Category":[{"code":"a8m0z0000001j54AAA","label":"WebSphere Application Server traditional-All Platforms-\u003EDownload Documents - L3 Publishing Category"}],"ARM Case Number":"","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF017","label":"Mac OS"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"Liberty"}]
Problems (APARS) fixed
Problems (APARS) fixed
Was this topic helpful?
Document Information
Modified date:
20 November 2025
UID
ibm17241735