CVE-2020-11850

Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Cross-Site Scripting (XSS). This issue affects Self Service Password Reset before 4.5.0.2 and 4.4.0.6
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microfocus:netiq_self_service_password_reset:*:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_self_service_password_reset:4.4:-:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_self_service_password_reset:4.4:update_1:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_self_service_password_reset:4.4:update_2:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_self_service_password_reset:4.4:update_3:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_self_service_password_reset:4.4:update_4:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_self_service_password_reset:4.4:update_5:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_self_service_password_reset:4.5:-:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_self_service_password_reset:4.5:update_1:*:*:*:*:*:*

History

23 Aug 2024, 17:02

Type Values Removed Values Added
References () https://www.netiq.com/documentation/self-service-password-reset-45/sspr-4502-release-notes/data/sspr-4502-release-notes.html#b149gz5h - () https://www.netiq.com/documentation/self-service-password-reset-45/sspr-4502-release-notes/data/sspr-4502-release-notes.html#b149gz5h - Release Notes
First Time Microfocus
Microfocus netiq Self Service Password Reset
CWE CWE-79
Summary
  • (es) La vulnerabilidad de validación de entrada incorrecta en OpenText Self Service Password Reset permite cross-site scripting (XSS). Este problema afecta al autoservicio de restablecimiento de contraseña antes de 4.5.0.2 y 4.4.0.6
CPE cpe:2.3:a:microfocus:netiq_self_service_password_reset:4.4:update_1:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_self_service_password_reset:4.4:update_2:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_self_service_password_reset:4.4:update_3:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_self_service_password_reset:*:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_self_service_password_reset:4.4:update_5:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_self_service_password_reset:4.5:-:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_self_service_password_reset:4.5:update_1:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_self_service_password_reset:4.4:update_4:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_self_service_password_reset:4.4:-:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 7.3
v2 : unknown
v3 : 6.1

21 Aug 2024, 13:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-21 13:15

Updated : 2024-08-23 17:02


NVD link : CVE-2020-11850

Mitre link : CVE-2020-11850

CVE.ORG link : CVE-2020-11850


JSON object : View

Products Affected

microfocus

  • netiq_self_service_password_reset
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-20

Improper Input Validation