6 matches found
CVE-2014-9412
Multiple cross-site scripting XSS vulnerabilities in NetIQ Access Manager NAM 4.x before 4.1 allow remote attackers to inject arbitrary web script or HTML via 1 an arbitrary parameter to roma/jsp/debug/debug.jsp or 2 an arbitrary parameter in a debug.DumpAll action to nps/servlet/webacc, a...
CVE-2014-9412
Multiple cross-site scripting XSS vulnerabilities in NetIQ Access Manager NAM 4.x before 4.1 allow remote attackers to inject arbitrary web script or HTML via 1 an arbitrary parameter to roma/jsp/debug/debug.jsp or 2 an arbitrary parameter in a debug.DumpAll action to nps/servlet/webacc, a...
CVE-2014-9412
Technical details for CVE-2014-9412 are not publicly available in the provided documents; monitor for updates.
CVE-2014-5216
NetIQ Access Manager (NAM) 4.x is affected by multiple reflected XSS vulnerabilities (CVE-2014-5216) in NAM prior to 4.0.1 HF3. The issues allow remote attackers to inject arbitrary script via (1) location in dev.Empty to nps/servlet/webacc, (2) error in nidp/jsp/x509err.jsp, (3) lang in sslvpn/a...
NetIQ Access Manager 4.0 SP1 - Multiple Vulnerabilities
NetIQ Access Manager 4.0 SP1 - Multiple Vulnerabilities SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple high risk vulnerabilities product: NetIQ Access Manager vulnerable version: 4.0 SP1 fixed version: 4.0 SP...
NetIQ Access Manager < 4.0 SP1 Hot Fix 3 Multiple Vulnerabilities - Active Check
NetIQ Access Manager suffers from cross-site request forgery CSRF, XML external entity XXE injection, information disclosure, and cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...