Novell IDM跨站脚本和HTML注入漏洞

- AV AC AU C I A
发布: 2025-04-13
修订: 2025-04-13

BUGTRAQ ID: 30952 CNCAN ID:CNCAN-2008090305 Novell IDM是一款身份管理解决方案。 Novell IDM不正确处理用户提交的输入,远程攻击者可以利用漏洞使恶意脚本代码在目标用户浏览器上执行,导致敏感信息泄漏。 受影响的Novell User Application版本如下: 3.0.1 3.5.0 3.5.1 受影响的Novell Identity Manager Roles Based Provisioning模块版本如下: 3.6.0 3.6.1 Novell User Application 3.5.1 Novell User Application 3.5 Novell User Application 3.0.1 Novell Identity Manager Roles Based Provisioning Module 3.6.1 Novell Identity Manager Roles Based Provisioning Module 3.6 可参考如下安全公告获得补丁信息: <a href=http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5033820.html target=_blank>http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5033820.html</a> <a href=http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5033840.html target=_blank>http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5033840.html</a> <a href=http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5033841.html...

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有0条受影响产品信息