CyberSec.Space Logo
返回 CVE 浏览器

CVE-2011-2227

MEDIUM
4.3
CVSS Severity Score
EPSS Score0.0850%
EPSS Percentile21.44th
Published2011年10月8日
Last Modified2026年4月29日

Vulnerability Description

Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, and 4.0.0, and Identity Manager Roles Based Provisioning Module 3.6.0, 3.6.1, 3.7.0, and 4.0.0, allows remote attackers to inject arbitrary web script or HTML via the apwaDetail (aka apwaDetailId) parameter, aka Bug 709603.

Affected Platforms (CPE)

📦
Novell

Identity Manager Roles Based Provisioning Module

= 3.6.0
📦
Novell

Identity Manager Roles Based Provisioning Module

= 3.6.1
📦
Novell

Identity Manager Roles Based Provisioning Module

= 3.7.0
📦
Novell

Identity Manager Roles Based Provisioning Module

= 4.0.0
📦
Novell

Identity Manager User Application

= 3.5.0
📦
Novell

Identity Manager User Application

= 3.5.1
📦
Novell

Identity Manager User Application

= 3.6.0
📦
Novell

Identity Manager User Application

= 3.6.1
📦
Novell

Identity Manager User Application

= 3.7.0
📦
Novell

Identity Manager User Application

= 4.0.0

References & Advisories

🔗 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111710.html
🔗 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111711.html
🔗 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112230.html
🔗 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112250.html
🔗 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112270.html
🔗 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112271.html
🔗 http://www.securityfocus.com/bid/49935
🔗 http://www.securitytracker.com/id?1026138

相关漏洞威胁

CVE-2013-108310.0

Unspecified vulnerability in the login functionality in the Reporting Module in Novell Identity Manager (aka IDM) Roles Based Prov...

CVE-2008-50954.3

Cross-site scripting (XSS) vulnerability in the Novell User Application 3.0.1, 3.5.0, and 3.5.1; and Identity Manager Roles Based ...

CVE-2010-43244.3

Cross-site scripting (XSS) vulnerability in the Approval Form in the User Application in the Roles Based Provisioning Module 3.7.0...

CVE-2011-16964.3

Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, ...