CVE-2015-5970
Novell ZENworks Configuration Management (ZCM) versions 11.3 and 11.4 are affected by an information-disclosure vulnerability in the ChangePassword RPC. The root cause is XPath injection triggered by malformed queries that reference a system entity, allowing an unauthenticated, remote attacker to...