CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-38754 – CVE-2022-38754 - Micro Focus Operations Bridge Manager and OpsBridge Containerized - Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2022-38754
08 Dec 2022 — A potential vulnerability has been identified in Micro Focus Operations Bridge - Containerized. The vulnerability could be exploited by a malicious authenticated OBM (Operations Bridge Manager) user to run Java Scripts in the browser context of another OBM user. Please note: The vulnerability is only applicable if the Operations Bridge Manager capability is deployed. A potential vulnerability has been identified in Micro Focus Operations Bridge Manager (OBM). The vulnerability could be exploited by a malici... • https://marketplace.microfocus.com/itom/content/operations-bridge-manager-obm-2022-05-hotfixes • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 0CVE-2021-38125
https://notcve.org/view.php?id=CVE-2021-38125
11 Apr 2022 — Unauthenticated remote code execution in Micro Focus Operations Bridge containerized, affecting versions 2021.05, 2021.08, and newer versions of Micro Focus Operations Bridge containerized if the deployment was upgraded from 2021.05 or 2021.08. The vulnerability could be exploited to unauthenticated remote code execution. Una Ejecución de código remoto no autenticado en Micro Focus Operations Bridge en contenedor, afectando a versiones 2021.05, 2021.08 y versiones más recientes de Micro Focus Operations Bri... • https://portal.microfocus.com/s/article/KM000005303?language=en_US •