CVE-2014-5212

Currently unrated

Key Information:

Vendor: Novell
Status: Edirectory
Vendor: CVE Published:; 19 December 2014

Summary

Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote attackers to inject arbitrary web script or HTML via the rdn parameter.

References

https://bugzilla.novell.com/show_bug.cgi?id=904134

x_refsource_CONFIRM

http://www.securityfocus.com/archive/1/534284

mailing-listx_refsource_BUGTRAQ

http://www.securitytracker.com/id/1031408

vdb-entryx_refsource_SECTRACK

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 19, 2014
Vulnerability Reserved
Aug 13, 2014

Collectors

NVD DatabaseMitre Database