Search
Search Results (27 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-7419 | 1 Netiq | 1 Access Manager | 2024-11-21 | N/A |
| A OAuth application in NetIQ Access Manager 4.3 before 4.3.2 and 4.2 before 4.2.4 allowed cross site scripting attacks due to unescaped "description" field that could be specified by the provider. | ||||
| CVE-2017-14803 | 1 Netiq | 1 Access Manager | 2024-11-21 | N/A |
| In NetIQ Access Manager 4.3 and 4.4, a bug exists in Identity Server when accessing a basic SSO connector and downloading the BasicSSO connector plugins on IE11 where an attacker can execute arbitrary code on the system. | ||||
| CVE-2017-14802 | 1 Netiq | 1 Access Manager | 2024-11-21 | N/A |
| Novell Access Manager Admin Console and IDP servers before 4.3.3 have a URL that could be used by remote attackers to trigger unvalidated redirects to third party sites. | ||||
| CVE-2017-14801 | 1 Netiq | 1 Access Manager | 2024-11-21 | N/A |
| Reflected XSS in the NetIQ Access Manager before 4.3.3 allowed attackers to reflect back xss into the called page using the url parameter. | ||||
| CVE-2017-14800 | 1 Netiq | 1 Access Manager | 2024-11-21 | N/A |
| A reflected cross site scripting attack in the NetIQ Access Manager before 4.3.3 using the "typecontainerid" parameter of the policy editor could allowed code injection into pages of authenticated users. | ||||
| CVE-2017-14799 | 1 Netiq | 1 Access Manager | 2024-11-21 | N/A |
| A cross site scripting attack in handling the ESP login parameter handling in NetIQ Access Manager before 4.3.3 could be used to inject javascript code into the login page. | ||||
| CVE-2024-4556 | 2 Microfocus, Netiq | 2 Netiq Access Manager, Access Manager | 2024-09-12 | 5.7 Medium |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText NetIQ Access Manager allows access the sensitive information. This issue affects NetIQ Access Manager before 5.0.4 and before 5.1. | ||||