Описание
A bug exist in the input parameter of Access Manager that allows supply of invalid character to trigger cross-site scripting vulnerability. This affects NetIQ Access Manager 4.5 and 5.0
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microfocus:access_manager:4.5:-:*:*:*:*:*:*
cpe:2.3:a:microfocus:access_manager:4.5:hotfix1:*:*:*:*:*:*
cpe:2.3:a:microfocus:access_manager:4.5:sp1:*:*:*:*:*:*
cpe:2.3:a:microfocus:access_manager:4.5:sp1_hotfix1:*:*:*:*:*:*
cpe:2.3:a:microfocus:access_manager:4.5:sp1_hotfix2:*:*:*:*:*:*
cpe:2.3:a:microfocus:access_manager:4.5:sp2:*:*:*:*:*:*
cpe:2.3:a:microfocus:access_manager:4.5:sp2_hotfix1:*:*:*:*:*:*
cpe:2.3:a:microfocus:access_manager:4.5:sp2_hotfix2:*:*:*:*:*:*
cpe:2.3:a:microfocus:access_manager:4.5:sp3:*:*:*:*:*:*
cpe:2.3:a:microfocus:access_manager:4.5:sp3_hotfix1:*:*:*:*:*:*
cpe:2.3:a:microfocus:access_manager:4.5:sp3_patch3:*:*:*:*:*:*
cpe:2.3:a:microfocus:access_manager:4.5:sp4:*:*:*:*:*:*
cpe:2.3:a:microfocus:access_manager:4.5:sp5:*:*:*:*:*:*
cpe:2.3:a:microfocus:access_manager:5.0:-:*:*:*:*:*:*
cpe:2.3:a:microfocus:access_manager:5.0:sp1:*:*:*:*:*:*
EPSS
Процентиль: 47%
0.0024
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
больше 3 лет назад
A bug exist in the input parameter of Access Manager that allows supply of invalid character to trigger cross-site scripting vulnerability. This affects NetIQ Access Manager 4.5 and 5.0
EPSS
Процентиль: 47%
0.0024
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79