Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, and 4.0.0, and Identity Manager Roles Based Provisioning Module 3.6.0, 3.6.1, 3.7.0, and 4.0.0, allows remote malicious users to inject arbitrary web script or HTML via the apwaDetail (aka apwaDetailId) parameter, aka Bug 709603.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
novell identity manager roles based provisioning module 4.0.0 |
||
novell identity manager roles based provisioning module 3.6.1 |
||
novell identity manager roles based provisioning module 3.7.0 |
||
novell identity manager roles based provisioning module 3.6.0 |
||
novell identity manager user application 3.7.0 |
||
novell identity manager user application 3.6.0 |
||
novell identity manager user application 3.6.1 |
||
novell identity manager user application 3.5.0 |
||
novell identity manager user application 3.5.1 |
||
novell identity manager user application 4.0.0 |