2 matches found
CVE-2017-7419 NetIQ Access Manager OAuth Consent screen XSS attack
A OAuth application in NetIQ Access Manager 4.3 before 4.3.2 and 4.2 before 4.2.4 allowed cross site scripting attacks due to unescaped "description" field that could be specified by the provider...
CVE-2017-7419
CVE-2017-7419 affects NetIQ Access Manager OAuth applications. The vulnerability is an XSS flaw caused by an unescaped description field that can be supplied by the provider, impacting versions 4.3 before 4.3.2 and 4.2 before 4.2.4. The issue enables cross-site scripting via the OAuth consent/des...