CVE-2011-1696 Information
Description
Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0 3.5.1 3.6.0 3.6.1 3.7.0 and 4.0.0 and Identity Manager Roles Based Provisioning Module 3.6.0 3.6.1 3.7.0 and 4.0.0 allows remote attackers to inject arbitrary web script or HTML via the apwaDetail (aka apwaDetailId) parameter aka Bug 692972.
Reference
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111710.html http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111711.html http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112230.html http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112250.html http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112270.html http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112271.html http://www.securityfocus.com/bid/49935 http://www.securitytracker.com/id?1026138 https://bugzilla.novell.com/show_bug.cgi?id=692972
Share on: