TROYANOSYVIRUS
Voltar para CVEs

CVE-2017-7419

N/A

Descricao

A OAuth application in NetIQ Access Manager 4.3 before 4.3.2 and 4.2 before 4.2.4 allowed cross site scripting attacks due to unescaped "description" field that could be specified by the provider.

Detalhes CVE

Pontuacao CVSS v3.1N/A
Publicado3/2/2018
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0

Produtos afetados

netiq:access_manager

Fraquezas (CWE)

CWE-79CWE-79

Referencias

https://bugzilla.suse.com/show_bug.cgi?id=1031853(security@opentext.com)
https://www.novell.com/support/kb/doc.php?id=7019893(security@opentext.com)
https://bugzilla.suse.com/show_bug.cgi?id=1031853(af854a3a-2127-422b-91ae-364da2661108)
https://www.novell.com/support/kb/doc.php?id=7019893(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.