Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access Manager (NAM) 4.x prior to 4.1 allow remote malicious users to inject arbitrary web script or HTML via (1) an arbitrary parameter to roma/jsp/debug/debug.jsp or (2) an arbitrary parameter in a debug.DumpAll action to nps/servlet/webacc, a different issue than CVE-2014-5216.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microfocus access manager 4.0.1 |
||
microfocus access manager 4.0 |