Filtered by vendor Netiq Subscriptions
Filtered by product Access Manager Subscriptions
Total 27 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2017-14802 1 Netiq 1 Access Manager 2024-11-21 N/A
Novell Access Manager Admin Console and IDP servers before 4.3.3 have a URL that could be used by remote attackers to trigger unvalidated redirects to third party sites.
CVE-2017-14801 1 Netiq 1 Access Manager 2024-11-21 N/A
Reflected XSS in the NetIQ Access Manager before 4.3.3 allowed attackers to reflect back xss into the called page using the url parameter.
CVE-2017-14800 1 Netiq 1 Access Manager 2024-11-21 N/A
A reflected cross site scripting attack in the NetIQ Access Manager before 4.3.3 using the "typecontainerid" parameter of the policy editor could allowed code injection into pages of authenticated users.
CVE-2017-14799 1 Netiq 1 Access Manager 2024-11-21 N/A
A cross site scripting attack in handling the ESP login parameter handling in NetIQ Access Manager before 4.3.3 could be used to inject javascript code into the login page.
CVE-2024-4554 2 Microfocus, Netiq 2 Netiq Access Manager, Access Manager 2024-09-19 7.3 High
Improper Input Validation vulnerability in OpenText NetIQ Access Manager leads to Cross-Site Scripting (XSS) attack. This issue affects NetIQ Access Manager before 5.0.4.1 and 5.1.
CVE-2024-4555 2 Microfocus, Netiq 2 Netiq Access Manager, Access Manager 2024-09-12 7.7 High
Improper Privilege Management vulnerability in OpenText NetIQ Access Manager allows user account impersonation in specific scenario. This issue affects NetIQ Access Manager before 5.0.4.1 and before 5.1
CVE-2024-4556 2 Microfocus, Netiq 2 Netiq Access Manager, Access Manager 2024-09-12 5.7 Medium
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText NetIQ Access Manager allows access the sensitive information. This issue affects NetIQ Access Manager before 5.0.4 and before 5.1.