Reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilities in Directory Server (aka Enterprise Server Administration web UI) and ESMAC (aka Enterprise Server Monitor and Control) in Micro Focus Enterprise Developer and Enterprise Server 2.3 and previous versions, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allow remote authenticated malicious users to bypass protection mechanisms (CWE-693) and other security features.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microfocus enterprise server monitor and control - |
||
microfocus enterprise developer 2.3 |
||
microfocus enterprise server 2.3 |
||
microfocus directory server - |
||
microfocus enterprise server |