CVE-2017-7591
N/A
N/A
Summary
OpenIDM through 4.0.0 and 4.5.0 is vulnerable to reflected cross-site scripting (XSS) attacks within the Admin UI, as demonstrated by the _sortKeys parameter to the authzRoles script under managed/user/.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.rootlabs.com.br/forgerock-persistent-and-reflected-cross-site-scripting-xss/
- https://backstage.forgerock.com/knowledge/kb/article/a92936505
References
- http://www.rootlabs.com.br/forgerock-persistent-and-reflected-cross-site-scripting-xss/
- https://backstage.forgerock.com/knowledge/kb/article/a92936505
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.