CyberSec.Space Logo
Back to CVE Browser

CVE-2011-2227

MEDIUM
4.3
CVSS Severity Score
EPSS Score0.0850%
EPSS Percentile21.44th
PublishedOct 8, 2011
Last ModifiedApr 29, 2026

Vulnerability Description

Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, and 4.0.0, and Identity Manager Roles Based Provisioning Module 3.6.0, 3.6.1, 3.7.0, and 4.0.0, allows remote attackers to inject arbitrary web script or HTML via the apwaDetail (aka apwaDetailId) parameter, aka Bug 709603.

Affected Platforms (CPE)

πŸ“¦
Novell

Identity Manager Roles Based Provisioning Module

= 3.6.0
πŸ“¦
Novell

Identity Manager Roles Based Provisioning Module

= 3.6.1
πŸ“¦
Novell

Identity Manager Roles Based Provisioning Module

= 3.7.0
πŸ“¦
Novell

Identity Manager Roles Based Provisioning Module

= 4.0.0
πŸ“¦
Novell

Identity Manager User Application

= 3.5.0
πŸ“¦
Novell

Identity Manager User Application

= 3.5.1
πŸ“¦
Novell

Identity Manager User Application

= 3.6.0
πŸ“¦
Novell

Identity Manager User Application

= 3.6.1
πŸ“¦
Novell

Identity Manager User Application

= 3.7.0
πŸ“¦
Novell

Identity Manager User Application

= 4.0.0

References & Advisories

πŸ”— http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111710.html
πŸ”— http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111711.html
πŸ”— http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112230.html
πŸ”— http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112250.html
πŸ”— http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112270.html
πŸ”— http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112271.html
πŸ”— http://www.securityfocus.com/bid/49935
πŸ”— http://www.securitytracker.com/id?1026138

Related Vulnerabilities

CVE-2013-108310.0

Unspecified vulnerability in the login functionality in the Reporting Module in Novell Identity Manager (aka IDM) Roles Based Prov...

CVE-2008-50954.3

Cross-site scripting (XSS) vulnerability in the Novell User Application 3.0.1, 3.5.0, and 3.5.1; and Identity Manager Roles Based ...

CVE-2010-43244.3

Cross-site scripting (XSS) vulnerability in the Approval Form in the User Application in the Roles Based Provisioning Module 3.7.0...

CVE-2011-16964.3

Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, ...