2 matches found
CVE-2017-7437
NetIQ Privileged Account Manager before 3.1 Patch Update 3 allowed cross site scripting attacks via the "type" and "account" parameters of json requests...
CVE-2017-7437
NetIQ Privileged Account Manager (versions prior to 3.1 Patch Update 3) is vulnerable to cross-site scripting via the type and account fields in JSON requests. The issue is caused by insufficient input sanitization in these parameters, allowing an attacker to inject arbitrary web script/HTML. Pub...