CVE-2011-2227
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, and 4.0.0, and Identity Manager Roles Based Provisioning Module 3.6.0, 3.6.1, 3.7.0, and 4.0.0, allows remote attackers to inject arbitrary web script or HTML via the apwaDetail (aka apwaDetailId) parameter, aka Bug 709603.
Vulnerabilidad de cross-site scripting (XSS) en Novell Identity Manager (también conocido como IDM) User Application v3.5.0, v3.5.1, v3.6.0, v3.6.1, v3.7.0 y v4.0.0, e Identity Manager Roles Based Provisioning Module v3.6.0, v3.6.1, v3.7.0,y v4.0.0, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro apwaDetail (también conocido como apwaDetailId), también conocido como Bug 709603.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2011-06-02 CVE Reserved
- 2011-10-08 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (9)
URL | Tag | Source |
---|---|---|
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111710.html | X_refsource_confirm | |
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111711.html | X_refsource_confirm | |
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112230.html | X_refsource_confirm | |
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112250.html | X_refsource_confirm | |
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112270.html | X_refsource_confirm | |
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112271.html | X_refsource_confirm | |
http://www.securityfocus.com/bid/49935 | Vdb Entry | |
http://www.securitytracker.com/id?1026138 | Vdb Entry | |
https://bugzilla.novell.com/show_bug.cgi?id=709603 | X_refsource_confirm |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Novell Search vendor "Novell" | Identity Manager Roles Based Provisioning Module Search vendor "Novell" for product "Identity Manager Roles Based Provisioning Module" | 3.6.0 Search vendor "Novell" for product "Identity Manager Roles Based Provisioning Module" and version "3.6.0" | - |
Affected
| ||||||
Novell Search vendor "Novell" | Identity Manager Roles Based Provisioning Module Search vendor "Novell" for product "Identity Manager Roles Based Provisioning Module" | 3.6.1 Search vendor "Novell" for product "Identity Manager Roles Based Provisioning Module" and version "3.6.1" | - |
Affected
| ||||||
Novell Search vendor "Novell" | Identity Manager Roles Based Provisioning Module Search vendor "Novell" for product "Identity Manager Roles Based Provisioning Module" | 3.7.0 Search vendor "Novell" for product "Identity Manager Roles Based Provisioning Module" and version "3.7.0" | - |
Affected
| ||||||
Novell Search vendor "Novell" | Identity Manager Roles Based Provisioning Module Search vendor "Novell" for product "Identity Manager Roles Based Provisioning Module" | 4.0.0 Search vendor "Novell" for product "Identity Manager Roles Based Provisioning Module" and version "4.0.0" | - |
Affected
| ||||||
Novell Search vendor "Novell" | Identity Manager User Application Search vendor "Novell" for product "Identity Manager User Application" | 3.5.0 Search vendor "Novell" for product "Identity Manager User Application" and version "3.5.0" | - |
Affected
| ||||||
Novell Search vendor "Novell" | Identity Manager User Application Search vendor "Novell" for product "Identity Manager User Application" | 3.5.1 Search vendor "Novell" for product "Identity Manager User Application" and version "3.5.1" | - |
Affected
| ||||||
Novell Search vendor "Novell" | Identity Manager User Application Search vendor "Novell" for product "Identity Manager User Application" | 3.6.0 Search vendor "Novell" for product "Identity Manager User Application" and version "3.6.0" | - |
Affected
| ||||||
Novell Search vendor "Novell" | Identity Manager User Application Search vendor "Novell" for product "Identity Manager User Application" | 3.6.1 Search vendor "Novell" for product "Identity Manager User Application" and version "3.6.1" | - |
Affected
| ||||||
Novell Search vendor "Novell" | Identity Manager User Application Search vendor "Novell" for product "Identity Manager User Application" | 3.7.0 Search vendor "Novell" for product "Identity Manager User Application" and version "3.7.0" | - |
Affected
| ||||||
Novell Search vendor "Novell" | Identity Manager User Application Search vendor "Novell" for product "Identity Manager User Application" | 4.0.0 Search vendor "Novell" for product "Identity Manager User Application" and version "4.0.0" | - |
Affected
|