Netiq Access Manager
6 CVEs affecting Netiq Access Manager. Latest disclosed: 2018-03-02. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-9276 | Medium | 5.4 | 2018-03-02 | Novell Access Manager iManager before 4.3.3 did not validate parameters so that cross site scripting content could be reflected back into the result page using… |
CVE-2017-14802 | Medium | 5.4 | 2018-03-02 | Novell Access Manager Admin Console and IDP servers before 4.3.3 have a URL that could be used by remote attackers to trigger unvalidated redirects to third pa… |
CVE-2017-14800 | Medium | 5.4 | 2018-03-01 | A reflected cross site scripting attack in the NetIQ Access Manager before 4.3.3 using the "typecontainerid" parameter of the policy editor could allowed code… |
CVE-2017-7419 | Medium | 4.6 | 2018-03-02 | A OAuth application in NetIQ Access Manager 4.3 before 4.3.2 and 4.2 before 4.2.4 allowed cross site scripting attacks due to unescaped "description" field tha… |
CVE-2017-14801 | Medium | 4.6 | 2018-03-02 | Reflected XSS in the NetIQ Access Manager before 4.3.3 allowed attackers to reflect back xss into the called page using the url parameter. |
CVE-2017-14799 | Medium | 4.6 | 2018-03-01 | A cross site scripting attack in handling the ESP login parameter handling in NetIQ Access Manager before 4.3.3 could be used to inject javascript code into th… |