{"containers": {"cna": {"affected": [{"product": "Micro Focus Enterprise Developer and Enterprise Server", "vendor": "n/a", "versions": [{"status": "affected", "version": "All versions prior to version 3.0 Patch Update 20. version 4.0 Patch Update 12 and version 5.0 Patch Update 2"}]}], "descriptions": [{"lang": "en", "value": "Reflected XSS on Micro Focus Enterprise Developer and Enterprise Server, all versions prior to version 3.0 Patch Update 20, version 4.0 Patch Update 12, and version 5.0 Patch Update 2. The vulnerability could be exploited to redirect a user to a malicious page or forge certain types of web requests."}], "problemTypes": [{"descriptions": [{"description": "Reflected XSS", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-01-06T16:15:44.000Z", "orgId": "f81092c5-7f14-476d-80dc-24857f90be84", "shortName": "microfocus"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://softwaresupport.softwaregrp.com/doc/KM03532232"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@microfocus.com", "ID": "CVE-2019-11651", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Micro Focus Enterprise Developer and Enterprise Server", "version": {"version_data": [{"version_value": "All versions prior to version 3.0 Patch Update 20. version 4.0 Patch Update 12 and version 5.0 Patch Update 2"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Reflected XSS on Micro Focus Enterprise Developer and Enterprise Server, all versions prior to version 3.0 Patch Update 20, version 4.0 Patch Update 12, and version 5.0 Patch Update 2. The vulnerability could be exploited to redirect a user to a malicious page or forge certain types of web requests."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Reflected XSS"}]}]}, "references": {"reference_data": [{"name": "https://softwaresupport.softwaregrp.com/doc/KM03532232", "refsource": "MISC", "url": "https://softwaresupport.softwaregrp.com/doc/KM03532232"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T23:03:31.140Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://softwaresupport.softwaregrp.com/doc/KM03532232"}]}]}, "cveMetadata": {"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84", "assignerShortName": "microfocus", "cveId": "CVE-2019-11651", "datePublished": "2019-10-02T20:11:26.000Z", "dateReserved": "2019-05-01T00:00:00.000Z", "dateUpdated": "2024-08-04T23:03:31.140Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"affected": [{"affectedData": [{"product": "Micro Focus Enterprise Developer and Enterprise Server", "vendor": "n/a", "versions": [{"status": "affected", "version": "All versions prior to version 3.0 Patch Update 20. version 4.0 Patch Update 12 and version 5.0 Patch Update 2"}]}], "source": "security@opentext.com"}], "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:-:*:*:*:*:*:*", "matchCriteriaId": "E520C725-28E7-447E-8D13-0FCA3E1102DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_1:*:*:*:*:*:*", "matchCriteriaId": "D9737A07-8C0C-4498-B00D-C917D736CFA0", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_10:*:*:*:*:*:*", "matchCriteriaId": "A23DC4FD-C8D2-4FED-B7F2-4FB07E650D1F", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_11:*:*:*:*:*:*", "matchCriteriaId": "BE28ED29-373B-4815-9EB9-E70D4A9C893C", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_12:*:*:*:*:*:*", "matchCriteriaId": "A0EA0405-8885-4C91-B804-1785627DDF61", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_13:*:*:*:*:*:*", "matchCriteriaId": "5ECD6117-C0B2-42C5-BB29-DB1BE50EF266", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_14:*:*:*:*:*:*", "matchCriteriaId": "434720E2-A9BA-4DA6-9316-0C1737699461", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_15:*:*:*:*:*:*", "matchCriteriaId": "274B0CF9-93C6-473A-895F-5DEB47E7A635", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_16:*:*:*:*:*:*", "matchCriteriaId": "0DE0381D-F512-4194-9D34-076E87152AD5", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_17:*:*:*:*:*:*", "matchCriteriaId": "46806C31-4ED2-4C09-AB48-95DFD90A63B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_18:*:*:*:*:*:*", "matchCriteriaId": "27026971-EDBB-4EE4-8D63-91889BEE2A31", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_19:*:*:*:*:*:*", "matchCriteriaId": "88A36343-FD91-4B64-BA8F-A7A8601C2578", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_2:*:*:*:*:*:*", "matchCriteriaId": "A4E526D3-3B1C-4313-A6AE-68BF877BB1C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_3:*:*:*:*:*:*", "matchCriteriaId": "80C4E997-985E-418D-B332-128620D6399D", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_4:*:*:*:*:*:*", "matchCriteriaId": "16DB159A-B3BF-4F22-A7E5-798B2BE935BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_5:*:*:*:*:*:*", "matchCriteriaId": "95EDC120-8237-4C15-AACD-82970717B7F1", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_6:*:*:*:*:*:*", "matchCriteriaId": "D9D20037-A0AD-4122-AF97-474052DCA65F", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_7:*:*:*:*:*:*", "matchCriteriaId": "BF3D08EE-845B-4952-8F61-41624A9A74B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_8:*:*:*:*:*:*", "matchCriteriaId": "6256ED5F-2BDF-45A3-BF38-FC5B725FE293", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_9:*:*:*:*:*:*", "matchCriteriaId": "6E17A291-5BD3-4324-B0C2-4620AA1BE30A", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:4.0:-:*:*:*:*:*:*", "matchCriteriaId": "53034D98-15C1-4628-90E8-80A8BA25C800", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:4.0:patch_1:*:*:*:*:*:*", "matchCriteriaId": "B80E468E-8BB3-44A6-B781-57238B9FECE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:4.0:patch_10:*:*:*:*:*:*", "matchCriteriaId": "74B717E3-AAAF-4F99-8672-382EBFADCC87", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:4.0:patch_11:*:*:*:*:*:*", "matchCriteriaId": "5F35F690-3FB2-45D6-9798-7CD66F7FE5C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:4.0:patch_2:*:*:*:*:*:*", "matchCriteriaId": "B9B1A025-7452-4C8E-A4D0-B0B2E991C2AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:4.0:patch_3:*:*:*:*:*:*", "matchCriteriaId": "4DEAA49C-ED22-4257-AF66-561BD42BEECF", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:4.0:patch_4:*:*:*:*:*:*", "matchCriteriaId": "9A893B7D-C8BA-4CDD-BA75-7A095C1F6803", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:4.0:patch_5:*:*:*:*:*:*", "matchCriteriaId": "932C078A-13F9-45F1-81D1-A0EB0BF40310", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:4.0:patch_6:*:*:*:*:*:*", "matchCriteriaId": "25AB01B7-7264-4AEE-A4B6-895646C15FE8", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:4.0:patch_7:*:*:*:*:*:*", "matchCriteriaId": "50BC7F2E-1A89-4273-BAAD-3F56F998E444", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:4.0:patch_8:*:*:*:*:*:*", "matchCriteriaId": "06E684DE-4F56-4DB4-BBA6-8DCF7ECB8E74", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:4.0:patch_9:*:*:*:*:*:*", "matchCriteriaId": "5B703A7A-1400-4362-9710-7038022BA539", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:5.0:-:*:*:*:*:*:*", "matchCriteriaId": "3C73BDBE-2719-4020-B953-1580BB78CB0A", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_developer:5.0:patch_1:*:*:*:*:*:*", "matchCriteriaId": "B6AD863A-E5D2-4193-B72C-94B823EBA110", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:-:*:*:*:*:*:*", "matchCriteriaId": "667C08F5-8465-4458-94E9-E31324CBC712", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_1:*:*:*:*:*:*", "matchCriteriaId": "90E753B3-48E5-4B3D-B34D-4326E3125757", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_10:*:*:*:*:*:*", "matchCriteriaId": "A75250AB-2777-4107-B967-CD469E2BF322", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_11:*:*:*:*:*:*", "matchCriteriaId": "40ACBEFB-0D47-4650-9D4B-080DFA4C3E88", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_12:*:*:*:*:*:*", "matchCriteriaId": "B5D82D15-2486-4187-9B10-57FD503E70A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_13:*:*:*:*:*:*", "matchCriteriaId": "A927325F-31C7-4298-B66B-555AA9F1C7EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_14:*:*:*:*:*:*", "matchCriteriaId": "08026E77-2632-48E7-B9BF-4DDEFF6622E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_15:*:*:*:*:*:*", "matchCriteriaId": "ABD5A657-2A33-414F-AE89-152246789302", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_16:*:*:*:*:*:*", "matchCriteriaId": "C1AE2401-8A20-46A4-88FD-3643F29B6DC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_17:*:*:*:*:*:*", "matchCriteriaId": "92560793-428E-4F9A-98CA-CFAAC64B5D1A", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_18:*:*:*:*:*:*", "matchCriteriaId": "6CF4D68C-155D-4552-9CB5-736BD68CCB23", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_19:*:*:*:*:*:*", "matchCriteriaId": "C2726E17-7AA5-442C-931C-8440FFC6C164", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_2:*:*:*:*:*:*", "matchCriteriaId": "CE22919D-02DF-4262-817E-3200A1A08BFB", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_3:*:*:*:*:*:*", "matchCriteriaId": "AC98A2D0-C3E6-4742-881A-C5C52896BC5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_4:*:*:*:*:*:*", "matchCriteriaId": "3C880850-CA2D-4240-ACD9-C59A91EA78AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_5:*:*:*:*:*:*", "matchCriteriaId": "3DF51F29-C0A3-453A-9170-1FD2756CE2FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_6:*:*:*:*:*:*", "matchCriteriaId": "DE4594B7-8798-4714-B543-75192EAF1378", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_7:*:*:*:*:*:*", "matchCriteriaId": "2594DF03-450C-4A92-8FBB-F6BF4D182D36", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_8:*:*:*:*:*:*", "matchCriteriaId": "825A5264-A8D2-4494-A851-C01CC83BFE94", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_9:*:*:*:*:*:*", "matchCriteriaId": "10F3523F-1AAA-411C-9E57-B2734D5AEBD4", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:4.0:-:*:*:*:*:*:*", "matchCriteriaId": "E8F59F96-F1CD-4750-94AE-FF80EAA5C461", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:4.0:patch_1:*:*:*:*:*:*", "matchCriteriaId": "CE30DDDB-9362-4122-B3AB-0231E3E0EEFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:4.0:patch_10:*:*:*:*:*:*", "matchCriteriaId": "A155B98E-A0A8-4297-9EAC-67D8C51991F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:4.0:patch_11:*:*:*:*:*:*", "matchCriteriaId": "2D00EC75-5267-4FD4-BA3D-196F0D41F3E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:4.0:patch_2:*:*:*:*:*:*", "matchCriteriaId": "5A64FAB0-BECF-4E88-B137-F18EE13F5DDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:4.0:patch_3:*:*:*:*:*:*", "matchCriteriaId": "1B89CFB2-B9F1-468C-BED2-3B676834C6E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:4.0:patch_4:*:*:*:*:*:*", "matchCriteriaId": "6C6F7E3B-B3C4-4EF6-BEF7-3798CC373195", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:4.0:patch_5:*:*:*:*:*:*", "matchCriteriaId": "2199AF29-FB62-4A80-83D9-9C7267CE8ED3", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:4.0:patch_6:*:*:*:*:*:*", "matchCriteriaId": "390B3CF7-F004-4889-88D2-0F537E10429C", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:4.0:patch_7:*:*:*:*:*:*", "matchCriteriaId": "3DB67225-D7D5-49F6-AA6C-1DFC5EEEC665", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:4.0:patch_8:*:*:*:*:*:*", "matchCriteriaId": "542F1504-A7C6-4E01-9A08-0905BD706596", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:4.0:patch_9:*:*:*:*:*:*", "matchCriteriaId": "9B2B4901-D5EB-43C1-90DC-02735283FA5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:5.0:-:*:*:*:*:*:*", "matchCriteriaId": "600A95A6-A1F6-45F1-8856-FB1968E084ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:microfocus:enterprise_server:5.0:patch_1:*:*:*:*:*:*", "matchCriteriaId": "54E0EEC2-C4F3-4C79-A587-C72BC6231C27", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Reflected XSS on Micro Focus Enterprise Developer and Enterprise Server, all versions prior to version 3.0 Patch Update 20, version 4.0 Patch Update 12, and version 5.0 Patch Update 2. The vulnerability could be exploited to redirect a user to a malicious page or forge certain types of web requests."}, {"lang": "es", "value": "Una vulnerabilidad de tipo XSS Reflejado en Micro Focus Enterprise Developer y Enterprise Server, todas las versiones anteriores a la versi\u00f3n 3.0 Patch Update 20, versi\u00f3n 4.0 Patch Update 12 y versi\u00f3n 5.0 Patch Update 2. La vulnerabilidad podr\u00eda explotarse para redireccionar a un usuario hacia una p\u00e1gina maliciosa o falsificar ciertos tipos de peticiones web."}], "id": "CVE-2019-11651", "lastModified": "2026-06-17T02:13:20.840", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-10-02T21:15:10.407", "references": [{"source": "security@opentext.com", "url": "https://softwaresupport.softwaregrp.com/doc/KM03532232"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://softwaresupport.softwaregrp.com/doc/KM03532232"}], "sourceIdentifier": "security@opentext.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}