CVE-2010-4324
Novell Identity Manager Roles Based Provisioning Module < 3.7.0 - Cross-Site Scripting in Approval Form
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in the Approval Form in the User Application in the Roles Based Provisioning Module 3.7.0 before 370D in Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References (8)
Core 8
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/70298
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0038
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/45692
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/42819
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1024941
Issue Tracking x_refsource_confirm
https://bugzilla.novell.com/show_bug.cgi?id=653516
Vendor Advisory x_refsource_confirm
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5085293.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/64501
Scores
EPSS
0.0175
EPSS Percentile
82.8%
Details
CWE
CWE-79
Status
published
Products (2)
novell/identity_manager
novell/identity_manager_roles_based_provisioning_module
< 3.7.0
Published
Jan 07, 2011
Tracked Since
Feb 18, 2026