Description

Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Cross-Site Scripting (XSS). This issue affects Self Service Password Reset before 4.5.0.2 and 4.4.0.6

Related CPE's

a

microfocus

netiq_self_service_password_reset

9

References

https://www.netiq.com/documentation/self-service-password-reset-45/sspr-4502-release-notes/data/sspr-4502-release-notes.html#b149gz5h

Release Notes

Weaknesses

[email protected]

Secondary
CWE-20

[email protected]

Primary
CWE-79

CVSS impact metrics

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N

7.3 · High

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2024-08-21T11:15:04.027Z

1 year ago

Last modified

2024-08-23T15:02:39.537Z

1 year ago