Filtered by vendor Microfocus
Subscribe
Filtered by product Netiq Self Service Password Reset
Subscribe
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-11850 | 1 Microfocus | 1 Netiq Self Service Password Reset | 2024-08-23 | N/A | 6.1 MEDIUM |
Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Cross-Site Scripting (XSS). This issue affects Self Service Password Reset before 4.5.0.2 and 4.4.0.6 | |||||
CVE-2019-11674 | 1 Microfocus | 1 Netiq Self Service Password Reset | 2024-02-04 | 4.3 MEDIUM | 5.9 MEDIUM |
Man-in-the-middle vulnerability in Micro Focus Self Service Password Reset, affecting all versions prior to 4.4.0.4. The vulnerability could exploit invalid certificate validation and may result in a man-in-the-middle attack. | |||||
CVE-2019-11652 | 1 Microfocus | 1 Netiq Self Service Password Reset | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
A potential authorization bypass issue was found in Micro Focus Self Service Password Reset (SSPR) versions prior to: 4.4.0.3, 4.3.0.6, and 4.2.0.6. Upgrade to Micro Focus Self Service Password Reset (SSPR) SSPR versions 4.4.0.3, 4.3.0.6, or 4.2.0.6 as appropriate. | |||||
CVE-2019-11647 | 1 Microfocus | 1 Netiq Self Service Password Reset | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
A potential XSS exists in Self Service Password Reset, in Micro Focus NetIQ Software all versions prior to version 4.4. The vulnerability could be exploited to enable an XSS attack. |