6.8
CVE-2007-0110
- EPSS 1.96%
- Veröffentlicht 09.01.2007 00:28:00
- Zuletzt bearbeitet 16.06.2026 22:34:56
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Cross-site scripting (XSS) vulnerability in nidp/idff/sso in Novell Access Manager Identity Server before 3.0.0-1013 allows remote attackers to inject arbitrary web script or HTML via the IssueInstant parameter, which is not properly handled in the resulting error message.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Novell ≫ Access Manager Identity Server Version <= 3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.96% | 0.777 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
http://osvdb.org/31359
http://secunia.com/advisories/23654
http://securitytracker.com/id?1017483
http://www.securityfocus.com/bid/21921
http://www.vupen.com/english/advisories/2007/0073
https://secure-support.novell.com/KanisaPlatform/Publishing/143/3615264_f.SAL_Public.html