CVE-2018-1347Cross-site Scripting in Imanager

CWE-79Cross-site Scripting3 documents3 sources
Severity
6.1MEDIUMNVD
CNA5.3
EPSS
0.2%
top 58.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Netiq Imanager
Timeline
PublishedMar 21
Latest updateMay 13

Description

The administrative web interface in NetIQ iManager, versions prior to 3.1, are vulnerable to reflected cross site scripting.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages2 packages

CVEListV5netiq/imanageriManager prior to (3.1)3.1
NVDnetiq/imanager< 3.1

🔴Vulnerability Details

2
GHSA
GHSA-6qv5-x69x-w977: The administrative web interface in NetIQ iManager, versions prior to 32022-05-13
CVEList
NetIQ iManager, versions prior to 3.1, reflected XSS issue2018-03-21
CVE-2018-1347 — Cross-site Scripting in Netiq Imanager | cvebase