Vulnerability Details CVE-2018-7681
Micro Focus Solutions Business Manager versions prior to 11.4 allows JavaScript to be embedded in URLs placed in "Favorites" folder. If the user has certain administrative privileges then this vulnerability can impact other users in the system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.3%
CVSS Severity
CVSS v3 Score 4.8
CVSS v2 Score 3.5
References
Products affected by CVE-2018-7681
-
cpe:2.3:a:microfocus:solutions_business_manager:10.1.3
-
cpe:2.3:a:microfocus:solutions_business_manager:10.1.3.1
-
cpe:2.3:a:microfocus:solutions_business_manager:10.1.4
-
cpe:2.3:a:microfocus:solutions_business_manager:10.1.4.1
-
cpe:2.3:a:microfocus:solutions_business_manager:10.1.5
-
cpe:2.3:a:microfocus:solutions_business_manager:10.1.5.1
-
cpe:2.3:a:microfocus:solutions_business_manager:10.1.5.2
-
cpe:2.3:a:microfocus:solutions_business_manager:10.1.5.3
-
cpe:2.3:a:microfocus:solutions_business_manager:10.1.5.4
-
cpe:2.3:a:microfocus:solutions_business_manager:11.0
-
cpe:2.3:a:microfocus:solutions_business_manager:11.0.1
-
cpe:2.3:a:microfocus:solutions_business_manager:11.0.1.1
-
cpe:2.3:a:microfocus:solutions_business_manager:11.1
-
cpe:2.3:a:microfocus:solutions_business_manager:11.2
-
cpe:2.3:a:microfocus:solutions_business_manager:11.3
-
cpe:2.3:a:microfocus:solutions_business_manager:11.3.1