4 matches found
CVE-2019-11674
CVE-2019-11674 affects Micro Focus Self Service Password Reset prior to version 4.4.0.4. The issue is a certificate validation flaw enabling potential man-in-the-middle attacks. The description across connected records confirms the root cause as invalid certificate validation and implies exploita...
CVE-2019-11647
CVE-2019-11647 affects Micro Focus NetIQ Self Service Password Reset (web-based password management) prior to version 4.4. The connected CNVD entry confirms a cross-site scripting (XSS) vulnerability in this product, with the root cause described as a web-based XSS flaw that can be exploited to p...
CVE-2019-11652
CVE-2019-11652 affects Micro Focus Self Service Password Reset (SSPR). A potential authorization bypass vulnerability exists in SSPR versions prior to 4.4.0.3, 4.3.0.6, and 4.2.0.6. The remediation is to upgrade to SSPR versions 4.4.0.3, 4.3.0.6, or 4.2.0.6 as appropriate. The connected RH/CVE an...
CVE-2020-11850
CVE-2020-11850 relates to an Improper Input Validation vulnerability in OpenText Self Service Password Reset that enables Cross-Site Scripting (XSS). The connected PT-security entry confirms affected versions: OpenText Self Service Password Reset prior to 4.5.0.2 and prior to 4.4.0.6. The root ca...