CVE-2011-2227 Information
Description
Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0 3.5.1 3.6.0 3.6.1 3.7.0 and 4.0.0 and Identity Manager Roles Based Provisioning Module 3.6.0 3.6.1 3.7.0 and 4.0.0 allows remote attackers to inject arbitrary web script or HTML via the apwaDetail (aka apwaDetailId) parameter aka Bug 709603.
Reference
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111710.html http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111711.html http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112230.html http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112250.html http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112270.html http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112271.html http://www.securityfocus.com/bid/49935 http://www.securitytracker.com/id?1026138 https://bugzilla.novell.com/show_bug.cgi?id=709603
Share on: