Required CVE Record Information
Description
Novell Access Manager Admin Console and IDP servers before 4.3.3 have a URL that could be used by remote attackers to trigger unvalidated redirects to third party sites.
CVSS 1 Total
| Score | Severity | Version | Vector String |
|---|---|---|---|
| 5.4 | MEDIUM | 3.0 | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N |
References 1 Total
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 1 Total
- https://www.novell.com/support/kb/doc.php?id=7022360 x_transferred