CVE-2017-14799

Summary

A cross site scripting attack in handling the ESP login parameter handling in NetIQ Access Manager before 4.3.3 could be used to inject javascript code into the login page.

Affected Software

VendorProductVersion RangeStatus
NetIQAccess Manager4.3 < 4.3.3affected

Weaknesses

  • cross site scripting attack in the login parameter handling due to incorrect quoting

ADP Enrichment

CVE Program Container

Additional References

References