CVE-2007-0110
Novell Access Manager Identity Server < 3 - Cross-Site Scripting via IssueInstant Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2007-0110. PoCs published by anonymous.
AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in Access Manager Identity Server by injecting arbitrary JavaScript code via the 'IssueInstant' parameter in a GET request. The vulnerability arises due to insufficient input sanitization.
Description
Cross-site scripting (XSS) vulnerability in nidp/idff/sso in Novell Access Manager Identity Server before 3.0.0-1013 allows remote attackers to inject arbitrary web script or HTML via the IssueInstant parameter, which is not properly handled in the resulting error message.
Exploits (1)
This exploit demonstrates a cross-site scripting (XSS) vulnerability in Access Manager Identity Server by injecting arbitrary JavaScript code via the 'IssueInstant' parameter in a GET request. The vulnerability arises due to insufficient input sanitization.