CVE-2017-14799
4.6
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
Summary
A cross site scripting attack in handling the ESP login parameter handling in NetIQ Access Manager before 4.3.3 could be used to inject javascript code into the login page.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| NetIQ | Access Manager | 4.3 < 4.3.3 | affected |
Weaknesses
- cross site scripting attack in the login parameter handling due to incorrect quoting
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.