Security Advisory

CVE-2017-5183

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-04-20 18:00:00

Last updated 2024-08-05 14:55:35

Assigner microfocus

State PUBLISHED

Description

NetIQ Access Manager 4.2.2 and 4.3.x before 4.3.1+, when configured as an Identity Server, has XSS in the AssertionConsumerServiceURL field of a signed AuthnRequest in a samlp:AuthnRequest document.

← Browse all CVEs View on cve.org ↗