CVE-2016-5751

2017-03-23T06:59:00
ID CVE-2016-5751
Type cve
Reporter cve@mitre.org
Modified 2017-03-24T14:51:00

Description

An unfiltered finalizer target URL in the SAML processing feature in Identity Server in NetIQ Access Manager 4.1 before 4.1.2 HF1 and 4.2 before 4.2.2 could be used to trigger XSS and leak authentication credentials.