4 matches found
Novell eDirectory IMONITOR Cross-Site Scripting (CVE-2014-5212)
A cross-site scripting vulnerability exists in Novell eDirectory IMONITOR. The vulnerability is due to an input validation error while parsing the rdn parameter. A remote attacker could exploit this vulnerability to execute arbitrary script or HTML code in the user's browser session...
SEC Consult SA-20141219-0 :: XSS & Memory Disclosure vulnerabilities in NetIQ eDirectory NDS iMonitor
SEC Consult Vulnerability Lab Security Advisory 20141219-0 ======================================================================= title: XSS & Memory Disclosure product: NetIQ eDirectory NDS iMonitor vulnerable version: 8.8 SP8, 8.8 SP7 fixed version: 8.8 SP8 HF 4, fix available for versions 8.8...
NetIQ eDirectory NDS iMonitor 8.8 SP8 / 8.8 SP7 XSS / Memory Disclosure
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XSS & Memory Disclosure product: NetIQ eDirectory NDS iMonitor vulnerable version: 8.8 SP8, 8.8 SP7 fixed version: 8.8 SP8 HF 4, fix available for versions 8.8 SP7 8.8.7....
CVE-2014-5212
CVE-2014-5212 is a reflected cross-site scripting (XSS) vulnerability in NetIQ/Novell eDirectory iMonitor (nds/search/data) that allows an attacker to inject scripts via the rdn parameter. Affected product: eDirectory NDS iMonitor before 8.8 SP8 Patch 4. Root cause: input validation error when pa...