NetIQ Privileged Account Manager before 3.1 Patch Update 3 allowed cross site scripting attacks via the "type" and "account" parameters of json requests.
6.1CVSS
6.1AI Score
0.001EPSS
NetIQ Privileged Account Manager before 3.1 Patch Update 3 allowed cross site scripting attacks via javascript DOM modification using the supplied cookie parameter.
6.1CVSS
6.1AI Score
0.001EPSS
9.8CVSS
9.4AI Score
0.003EPSS