CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2008-5095
https://notcve.org/view.php?id=CVE-2008-5095
Cross-site scripting (XSS) vulnerability in the Novell User Application 3.0.1, 3.5.0, and 3.5.1; and Identity Manager Roles Based Provisioning Module 3.6.0 and 3.6.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Novell User Application v3.0.1, v3.5.0, y v3.5.1; y Identity Manager Roles Based Provisioning Module v3.6.0 y v3.6.1 permite a atacantes remotos inyectar web script o HTML a través de vectores desconocidos. • http://www.novell.com/support/viewContent.do?externalId=7001157&sliceId=1 http://www.securityfocus.com/bid/30947 http://www.securitytracker.com/id?1020792 http://www.securitytracker.com/id?1020793 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •