CVE-2010-4324 Information

Description

Cross-site scripting (XSS) vulnerability in the Approval Form in the User Application in the Roles Based Provisioning Module 3.7.0 before 370D in Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Reference

http://osvdb.org/70298 http://secunia.com/advisories/42819 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5085293.html http://www.securityfocus.com/bid/45692 http://www.securitytracker.com/id?1024941 http://www.vupen.com/english/advisories/2011/0038 https://bugzilla.novell.com/show_bug.cgi?id=653516 https://exchange.xforce.ibmcloud.com/vulnerabilities/64501