CVE Record: CVE-2016-5756

Required CVE Record Information

Description

Multiple components of the web tools in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 were vulnerable to Reflected Cross Site Scripting attacks which could be used to hijack user sessions: nps/servlet/frameservice, nps/servlet/webacc, roma/admin/cntl, roma/jsp/admin/appliance/devicedetail_edit.jsp, roma/jsp/admin/managementip/mgmt_ip_details_frameset.jsp, roma/jsp/admin/managementip/mgmt_ip_details_middleframe.jsp, roma/jsp/volsc/monitoring/appliance.jsp, and roma/jsp/volsc/monitoring/graph.jsp.

Product Status

Learn more

Versions 1 Total

Default Status: unknown

affected

References 1 Total

https://www.novell.com/support/kb/doc.php?id=7017813
external site

Updated: 2024-08-06

This container includes required additional information provided by the CVE Program for this vulnerability.

References 1 Total

https://www.novell.com/support/kb/doc.php?id=7017813
external site
x_transferred

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: OpenText (formerly Micro Focus)

Description

Product Status

References 1 Total

CVE Program

References 1 Total