Cross-Site Scripting (XSS) Vulnerability in NetIQ Access Manager

CVE-2017-7419 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

A OAuth application in NetIQ Access Manager 4.3 before 4.3.2 and 4.2 before 4.2.4 allowed cross site scripting attacks due to unescaped "description" field that could be specified by the provider.

Learn more about our Web Application Penetration Testing UK.