Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netiq vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-1347
The administrative web interface in NetIQ iManager, versions before 3.1, are vulnerable to reflected cross site scripting.
Netiq Imanager
383
VMScore
CVE-2017-7427
Multiple cross site scripting attacks were found in the Identity Manager Plug-in, hosted on iManager 2.7.7.7, before Identity Manager 4.6.1. In certain scenarios it was possible to execute arbitrary JavaScript code in the context of vulnerable application, via user.Context in the...
Netiq Identity Manager
383
VMScore
CVE-2017-7437
NetIQ Privileged Account Manager prior to 3.1 Patch Update 3 allowed cross site scripting attacks via the "type" and "account" parameters of json requests.
Netiq Privileged Account Manager 3.1
Netiq Privileged Account Manager
383
VMScore
CVE-2017-7419
A OAuth application in NetIQ Access Manager 4.3 prior to 4.3.2 and 4.2 prior to 4.2.4 allowed cross site scripting attacks due to unescaped "description" field that could be specified by the provider.
Netiq Access Manager
383
VMScore
CVE-2017-7438
NetIQ Privileged Account Manager prior to 3.1 Patch Update 3 allowed cross site scripting attacks via javascript DOM modification using the supplied cookie parameter.
Netiq Privileged Account Manager 3.1
Netiq Privileged Account Manager
383
VMScore
CVE-2017-9276
Novell Access Manager iManager prior to 4.3.3 did not validate parameters so that cross site scripting content could be reflected back into the result page using the "a" parameter.
Netiq Access Manager
383
VMScore
CVE-2017-14801
Reflected XSS in the NetIQ Access Manager prior to 4.3.3 allowed malicious users to reflect back xss into the called page using the url parameter.
Netiq Access Manager
383
VMScore
CVE-2017-14799
A cross site scripting attack in handling the ESP login parameter handling in NetIQ Access Manager prior to 4.3.3 could be used to inject javascript code into the login page.
Netiq Access Manager
383
VMScore
CVE-2017-14800
A reflected cross site scripting attack in the NetIQ Access Manager prior to 4.3.3 using the "typecontainerid" parameter of the policy editor could allowed code injection into pages of authenticated users.
Netiq Access Manager
383
VMScore
CVE-2017-7425
Multiple potential reflected XSS issues exist in NetIQ iManager versions prior to 2.7.7 Patch 10 HF2 and 3.0.3.2.
Netiq Imanager 3.0.3.2
Netiq Imanager
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »