Unvalidated HTTP Referer Header XSS Vulnerability in NetIQ Access Manager
CVE-2017-5191 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
An XSS vulnerability on the /NAGErrors URI in NetIQ Access Manager 4.2 and 4.3 exists because Access Gateway Error pages do not validate the HTTP Referer header.
Learn more about our Web Application Penetration Testing UK.