CVE-2017-7419

CVSS 4.6 - MEDIUM
Description

A OAuth application in NetIQ Access Manager 4.3 before 4.3.2 and 4.2 before 4.2.4 allowed cross site scripting attacks due to unescaped "description" field that could be specified by the provider.

Affected Products
2
Vendor Product Version
netiq access_manager All versions
netiq access_manager All versions
References
https://bugzilla.suse.com/show_bug.cgi?id=1031853
https://www.novell.com/support/kb/doc.php?id=70198...
https://bugzilla.suse.com/show_bug.cgi?id=1031853
https://www.novell.com/support/kb/doc.php?id=70198...
Weakness Types
CWE-79 CWE-79
CVE Information
CVE ID:
CVE-2017-7419
Published:
2018-03-02
Modified:
2024-11-21
CVSS Score:
4.6
Severity:
MEDIUM
Vector:
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
Affected Vendors
netiq
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL