Novell Access Manager iManager before 4.3.3 did not validate parameters so that cross site scripting content could be reflected back into the result page using the "a" parameter.
References
Link | Resource |
---|---|
https://www.novell.com/support/kb/doc.php?id=7022359 |
Configurations
History
07 Nov 2023, 02:50
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.novell.com/support/kb/doc.php?id=7022359 - |
Information
Published : 2018-03-02 20:29
Updated : 2024-02-28 16:25
NVD link : CVE-2017-9276
Mitre link : CVE-2017-9276
CVE.ORG link : CVE-2017-9276
JSON object : View
Products Affected
netiq
- access_manager
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')