CVE-2021-22531
https://notcve.org/view.php?id=CVE-2021-22531
A bug exist in the input parameter of Access Manager that allows supply of invalid character to trigger cross-site scripting vulnerability. This affects NetIQ Access Manager 4.5 and 5.0 Se presenta un bug en el parámetro input de Access Manager que permite a el suministro de caracteres no válidos desencadenar una vulnerabilidad de tipo cross-site scripting. Esto afecta a NetIQ Access Manager versiones 4.5 y 5.0 • https://www.microfocus.com/documentation/access-manager/5.0/accessmanager502-release-notes/accessmanager502-release-notes.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-26326 – Potential open redirection vulnerability in NetIQ Access Manager versions prior to version 5.0.2
https://notcve.org/view.php?id=CVE-2022-26326
Potential open redirection vulnerability when URL is crafted in specific format in NetIQ Access Manager prior to 5.0.2 Una potencial vulnerabilidad de redireccionamiento abierto cuando la URL está diseñada en un formato específico en NetIQ Access Manager versiones anteriores a 5.0.2 • https://www.microfocus.com/documentation/access-manager/5.0/accessmanager502-release-notes/accessmanager502-release-notes.html#t4f2msu33v8h • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVE-2022-26325 – Cross Site Scripting vulnerability in NetIQ Access Manager versions prior to version 5.0.2
https://notcve.org/view.php?id=CVE-2022-26325
Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.2 Una vulnerabilidad de tipo Cross Site Scripting (XSS) Reflejado en NetIQ Access Manager versiones anteriores a 5.0.2 • https://www.microfocus.com/documentation/access-manager/5.0/accessmanager502-release-notes/accessmanager502-release-notes.html#t4f2msu33v8h • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-22526 – Open Redirection vulnerability in NetIQ Access Manager versions prior to version 4.5.4 and 5.0.1
https://notcve.org/view.php?id=CVE-2021-22526
Open Redirection vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 Una vulnerabilidad de Redirección Abierta en NetIQ Access Manager versiones anteriores a 5.0.1 y 4.5.4 • https://support.microfocus.com/kb/doc.php?id=7025257 https://www.microfocus.com/documentation/access-manager/5.0/accessmanager501-release-notes/accessmanager501-release-notes.html • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVE-2021-22524 – Denial of service vulnerability in NetIQ Access Manager versions prior to version 4.5.4 and 5.0.1
https://notcve.org/view.php?id=CVE-2021-22524
Injection attack caused the denial of service vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 Un ataque de inyección causó una vulnerabilidad de denegación de servicio en NetIQ Access Manager versiones anteriores a 5.0.1 y 4.5.4 • https://support.microfocus.com/kb/doc.php?id=7025256 https://www.microfocus.com/documentation/access-manager/5.0/accessmanager501-release-notes/accessmanager501-release-notes.html • CWE-91: XML Injection (aka Blind XPath Injection) •