Vulnerability Details CVE-2017-14800
A reflected cross site scripting attack in the NetIQ Access Manager before 4.3.3 using the "typecontainerid" parameter of the policy editor could allowed code injection into pages of authenticated users.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.6%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 4.3
References
Products affected by CVE-2017-14800
-
cpe:2.3:a:netiq:access_manager:4.0
-
cpe:2.3:a:netiq:access_manager:4.0.1
-
cpe:2.3:a:netiq:access_manager:4.1
-
cpe:2.3:a:netiq:access_manager:4.2
-
cpe:2.3:a:netiq:access_manager:4.3