2 matches found
CVE-2016-1599
The CVE-2016-1599 entry concerns NetIQ Self Service Password Reset (SSPR) 2.x and 3.x before 3.3.1 HF2. The vulnerability is a cross-site scripting (XSS) flaw triggered by a crafted URL, allowing remote attackers to inject arbitrary web script or HTML in the user’s browser. The available connecte...
CVE-2020-25837
CVE-2020-25837 affects Micro Focus Self Service Password Reset (SSPR) versions 4.4.0.0–4.4.0.6 and 4.5.0.1–4.5.0.2. In certain configurations, the vulnerability could disclose sensitive information. The provided documents do not specify the exact root cause, exploitation details, affected configu...