Cross-site scripting (XSS) vulnerability in nidp/idff/sso in Novell Access Manager Identity Server before 3.0.0-1013 allows remote attackers to inject arbitrary web script or HTML via the IssueInstant parameter, which is not properly handled in the resulting error message.
References
Configurations
History
21 Nov 2024, 00:24
Type | Values Removed | Values Added |
---|---|---|
References | () http://osvdb.org/31359 - | |
References | () http://secunia.com/advisories/23654 - | |
References | () http://securitytracker.com/id?1017483 - | |
References | () http://www.securityfocus.com/bid/21921 - | |
References | () http://www.vupen.com/english/advisories/2007/0073 - | |
References | () https://secure-support.novell.com/KanisaPlatform/Publishing/143/3615264_f.SAL_Public.html - Vendor Advisory |
Information
Published : 2007-01-09 00:28
Updated : 2024-11-21 00:24
NVD link : CVE-2007-0110
Mitre link : CVE-2007-0110
CVE.ORG link : CVE-2007-0110
JSON object : View
Products Affected
novell
- access_manager_identity_server
CWE