Cross-Site Scripting Vulnerability in Novell Identity Manager Product by Novell
CVE-2013-1096

Currently unrated

Key Information:

Vendor

Novell
Status
Identity Manager Roles Based Provisioning Module
Vendor
CVE Published:
28 December 2013

What is CVE-2013-1096?

A Cross-Site Scripting (XSS) vulnerability exists in the Roles Based Provisioning Module of Novell Identity Manager versions prior to Field Patch D. This flaw enables remote attackers to inject arbitrary web scripts or HTML into web pages viewed by other users through the manipulation of a taskDetail taskId. Successful exploitation could lead to unauthorized actions or phishing attacks against users accessing the compromised site.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id/1029532
vdb-entryx_refsource_SECTRACK
https://bugzilla.novell.com/show_bug.cgi?id=819115
x_refsource_CONFIRM
http://download.novell.com/Download?buildid=dnDbmYe8PZc~
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.