CVE-2008-5095
Novell User Application 3.0.1-3.5.1 & Identity Manager 3.6.0-3.6.1 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in the Novell User Application 3.0.1, 3.5.0, and 3.5.1; and Identity Manager Roles Based Provisioning Module 3.6.0 and 3.6.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/30947
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1020792
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1020793
Vendor Advisory x_refsource_confirm
http://www.novell.com/support/viewContent.do?externalId=7001157&sliceId=1
Scores
EPSS
0.0027
EPSS Percentile
50.5%
Details
CWE
CWE-79
Status
published
Products (5)
novell/identity_manager_roles_based_provisioning_module
3.6.0
novell/identity_manager_roles_based_provisioning_module
3.6.1
novell/user_application
3.0.1
novell/user_application
3.5.0
novell/user_application
3.5.1
Published
Nov 14, 2008
Tracked Since
Feb 18, 2026