Cross-site Scripting Vulnerability in Novell Identity Manager Approval Form
CVE-2010-4324

Currently unrated

Key Information:

Vendor
Novell
Status
Identity Manager Roles Based Provisioning Module
Identity Manager
Vendor
CVE Published:
7 January 2011

Summary

The Approval Form in the User Application of Novell Identity Manager's Roles Based Provisioning Module versions prior to 370D are susceptible to a Cross-site Scripting (XSS) vulnerability. This flaw permits remote attackers to inject arbitrary web scripts or HTML through various unspecified vectors, potentially compromising user data and application integrity.

References

http://osvdb.org/70298
vdb-entryx_refsource_OSVDB
http://www.vupen.com/english/advisories/2011/0038
vdb-entryx_refsource_VUPEN
http://www.securityfocus.com/bid/45692
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2010-4324 : Cross-site Scripting Vulnerability in Novell Identity Manager Approval Form | SecurityVulnerability.io