Total
24 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-14802 | 1 Netiq | 1 Access Manager | 2024-11-21 | 5.8 MEDIUM | 5.4 MEDIUM |
| Novell Access Manager Admin Console and IDP servers before 4.3.3 have a URL that could be used by remote attackers to trigger unvalidated redirects to third party sites. | |||||
| CVE-2017-14801 | 1 Netiq | 1 Access Manager | 2024-11-21 | 4.3 MEDIUM | 4.6 MEDIUM |
| Reflected XSS in the NetIQ Access Manager before 4.3.3 allowed attackers to reflect back xss into the called page using the url parameter. | |||||
| CVE-2017-14800 | 1 Netiq | 1 Access Manager | 2024-11-21 | 4.3 MEDIUM | 5.4 MEDIUM |
| A reflected cross site scripting attack in the NetIQ Access Manager before 4.3.3 using the "typecontainerid" parameter of the policy editor could allowed code injection into pages of authenticated users. | |||||
| CVE-2017-14799 | 1 Netiq | 1 Access Manager | 2024-11-21 | 4.3 MEDIUM | 4.6 MEDIUM |
| A cross site scripting attack in handling the ESP login parameter handling in NetIQ Access Manager before 4.3.3 could be used to inject javascript code into the login page. | |||||