Page 4 of 19 results (0.006 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the nrfEntitlementReport.do CGI. XSS en NetIQ Designer para Identity Manager en versiones anteriores a 4.5.3 permite a atacantes remotos inyectar un código HTML arbitrario a través del CGI nrfEntitlementReport.do. • http://www.securityfocus.com/bid/93973 https://download.novell.com/Download?buildid=QgHXVOxv310~ • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the accessMgrDN value of the forgotUser.do CGI. XSS en NetIQ Designer para Identity Manager en versiones anteriores a 4.5.3 permite a atacantes remotos inyectar un código HTML arbitrario a través del valor accessMgrDN del CGI forgotUser.do. • http://www.securityfocus.com/bid/93972 https://download.novell.com/Download?buildid=QgHXVOxv310~ • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

VMware Identity Manager 2.x before 2.7 and vRealize Automation 7.0.x before 7.1 allow local users to obtain root access via unspecified vectors. VMware Identity Manager 2.x en versiones anteriores a 2.7 y vRealize Automation 7.0.x en versiones anteriores a 7.1 permiten a usuarios locales obtener acceso root a través de vectores no especificados. • http://www.securityfocus.com/bid/92608 http://www.securitytracker.com/id/1036685 http://www.vmware.com/security/advisories/VMSA-2016-0013.html •

CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0

The Client Login Extension (CLE) in Novell Identity Manager before 3.5.1 20070730 stores the username and password in a local file, which allows local users to obtain sensitive information by reading this file. La Client Login Extension (CLE) de Novell Identity Manager versiones anteriores a 3.5.1 20070730 almacena nombre de usuario y contraseña en un fichero local, lo cual permite a usuarios locales obtener información confidencial leyendo este fichero. • http://osvdb.org/37320 http://secunia.com/advisories/26555 http://securitytracker.com/id?1018602 http://www.securityfocus.com/bid/25420 http://www.vupen.com/english/advisories/2007/2957 https://exchange.xforce.ibmcloud.com/vulnerabilities/36215 https://secure-support.novell.com/KanisaPlatform/Publishing/177/3329402_f.SAL_Public.html • CWE-255: Credentials Management Errors •