Cross site scripting

2018-03-0516:29:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

36.6%

JSON

NetIQ Privileged Account Manager before 3.1 Patch Update 3 allowed cross site scripting attacks via the “type” and “account” parameters of json requests.

CPENameOperatorVersion
privileged_account_managereq3.1 hotfix2
privileged_account_managereq3.1 hotfix1
privileged_account_managerle3.0
privileged_account_managereq3.1