CVE-2016-1598

XSS in NetIQ IDM 4.5 Identity Applications before 4.5.4 allows attackers able to change their username to inject arbitrary HTML code into the Role Assignment administrator HTML pages.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:novell:identity_manager:4.5:*:*:*:*:*:*:*
cpe:2.3:a:novell:identity_manager_identity_applications:*:*:*:*:*:*:*:*

History

21 Nov 2024, 02:46

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/93833 - () http://www.securityfocus.com/bid/93833 -
References () https://download.novell.com/Download?buildid=xyswDCMsT7I~ - () https://download.novell.com/Download?buildid=xyswDCMsT7I~ -

07 Nov 2023, 02:30

Type Values Removed Values Added
References (BID) http://www.securityfocus.com/bid/93833 - () http://www.securityfocus.com/bid/93833 -
References (CONFIRM) https://download.novell.com/Download?buildid=xyswDCMsT7I~ - Patch, Vendor Advisory () https://download.novell.com/Download?buildid=xyswDCMsT7I~ -

Information

Published : 2016-10-27 20:59

Updated : 2024-11-21 02:46


NVD link : CVE-2016-1598

Mitre link : CVE-2016-1598

CVE.ORG link : CVE-2016-1598


JSON object : View

Products Affected

novell

  • identity_manager_identity_applications
  • identity_manager
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')