Possible Reflected Cross-Site Scripting (XSS) Vulnerability in iManager
CVE-2021-38119

6.1MEDIUM

Key Information:

Vendor: Opentext
Status: Imanager
Vendor: CVE Published:; 22 November 2024

Summary

A reflected cross-site scripting vulnerability has been identified in OpenText™ iManager version 3.2.4.0000. This vulnerability allows attackers to inject malicious scripts into the application, which could be executed in the context of a user's browser. As a result, users may inadvertently execute harmful scripts that could compromise their session or extract sensitive information. Organizations using OpenText™ iManager are advised to review their security posture and implement appropriate safeguards to mitigate the risk associated with this vulnerability.

Affected Version(s)

iManager Windows 3.0.0 <= 3.2.4.0000

References

https://www.netiq.com/documentation/imanager-32/imanager3...

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Nov 22, 2024
Vulnerability Reserved
Aug 4, 2021