Possible XSS in iManager URL for access Component
CVE-2022-26324

7.6HIGH

Key Information:

Vendor: Opentext
Status: Imanager
Vendor: CVE Published:; 22 November 2024

Summary

An improperly sanitized URL in the OpenText iManager's access component may allow attackers to execute cross-site scripting (XSS) attacks. This vulnerability could enable unauthorized access to sensitive information or manipulation of webpage content. Organizations using OpenText iManager 3.2.6.0000 are advised to apply available patches and implement security best practices to mitigate potential risks associated with this flaw.

Affected Version(s)

iManager Windows 3.0.0 <= 3.2.6.0000

References

https://www.netiq.com/documentation/imanager-32/pdfdoc/im...

CVSS V3.1

Score:

7.6

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Nov 22, 2024
Vulnerability Reserved
Feb 28, 2022