Описание
A reflected cross site scripting attack in the NetIQ Access Manager before 4.3.3 using the "typecontainerid" parameter of the policy editor could allowed code injection into pages of authenticated users.
Уязвимые конфигурации
Конфигурация 1Версия до 4.3.3 (исключая)
cpe:2.3:a:netiq:access_manager:*:*:*:*:*:*:*:*
EPSS
Процентиль: 42%
0.00199
Низкий
5.4 Medium
CVSS3
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
больше 3 лет назад
A reflected cross site scripting attack in the NetIQ Access Manager before 4.3.3 using the "typecontainerid" parameter of the policy editor could allowed code injection into pages of authenticated users.
EPSS
Процентиль: 42%
0.00199
Низкий
5.4 Medium
CVSS3
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79