CVE-2011-1696

Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, and 4.0.0, and Identity Manager Roles Based Provisioning Module 3.6.0, 3.6.1, 3.7.0, and 4.0.0, allows remote attackers to inject arbitrary web script or HTML via the apwaDetail (aka apwaDetailId) parameter, aka Bug 692972.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:novell:identity_manager_roles_based_provisioning_module:3.6.0:*:*:*:*:*:*:*
cpe:2.3:a:novell:identity_manager_roles_based_provisioning_module:3.6.1:*:*:*:*:*:*:*
cpe:2.3:a:novell:identity_manager_roles_based_provisioning_module:3.7.0:*:*:*:*:*:*:*
cpe:2.3:a:novell:identity_manager_roles_based_provisioning_module:4.0.0:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:novell:identity_manager_user_application:3.5.0:*:*:*:*:*:*:*
cpe:2.3:a:novell:identity_manager_user_application:3.5.1:*:*:*:*:*:*:*
cpe:2.3:a:novell:identity_manager_user_application:3.6.0:*:*:*:*:*:*:*
cpe:2.3:a:novell:identity_manager_user_application:3.6.1:*:*:*:*:*:*:*
cpe:2.3:a:novell:identity_manager_user_application:3.7.0:*:*:*:*:*:*:*
cpe:2.3:a:novell:identity_manager_user_application:4.0.0:*:*:*:*:*:*:*

History

21 Nov 2024, 01:26

Type Values Removed Values Added
References () http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111710.html - () http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111710.html -
References () http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111711.html - () http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111711.html -
References () http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112230.html - () http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112230.html -
References () http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112250.html - () http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112250.html -
References () http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112270.html - () http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112270.html -
References () http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112271.html - () http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112271.html -
References () http://www.securityfocus.com/bid/49935 - () http://www.securityfocus.com/bid/49935 -
References () http://www.securitytracker.com/id?1026138 - () http://www.securitytracker.com/id?1026138 -
References () https://bugzilla.novell.com/show_bug.cgi?id=692972 - () https://bugzilla.novell.com/show_bug.cgi?id=692972 -

Information

Published : 2011-10-08 02:52

Updated : 2024-11-21 01:26


NVD link : CVE-2011-1696

Mitre link : CVE-2011-1696

CVE.ORG link : CVE-2011-1696


JSON object : View

Products Affected

novell

  • identity_manager_roles_based_provisioning_module
  • identity_manager_user_application
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')