CVE-2011-1696
CVSS 4.3 - MEDIUM
Description
Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, and 4.0.0, and Identity Manager Roles Based Provisioning Module 3.6.0, 3.6.1, 3.7.0, and 4.0.0, allows remote attackers to inject arbitrary web script or HTML via the apwaDetail (aka apwaDetailId) parameter, aka Bug 692972.
Affected Products
10| Vendor | Product | Version |
|---|---|---|
| novell | identity_manager_roles_based_provisioning_module |
3.6.0
|
| novell | identity_manager_roles_based_provisioning_module |
3.6.1
|
| novell | identity_manager_roles_based_provisioning_module |
3.7.0
|
| novell | identity_manager_roles_based_provisioning_module |
4.0.0
|
| novell | identity_manager_user_application |
3.5.0
|
| novell | identity_manager_user_application |
3.5.1
|
| novell | identity_manager_user_application |
3.6.0
|
| novell | identity_manager_user_application |
3.6.1
|
| novell | identity_manager_user_application |
3.7.0
|
| novell | identity_manager_user_application |
4.0.0
|
References
Weakness Types
CWE-79
CVE Information
- CVE ID:
CVE-2011-1696- Published:
- 2011-10-08
- Modified:
- 2026-04-29
- CVSS Score:
- 4.3
- Severity:
- MEDIUM
- Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N
Affected Vendors
novell
Quick Actions
CVSS Severity Scale
0.0 - 3.9
LOW
4.0 - 6.9
MEDIUM
7.0 - 8.9
HIGH
9.0 - 10.0
CRITICAL