CVE-2012-0428

NetIQ eDirectory <8.8.6.7, <8.8.7.2 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References (4)

[Vendor Advisory] http://www.novell.com/support/kb/doc.php?id=3426981

[Vendor Advisory] http://www.novell.com/support/kb/doc.php?id=7011539

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1027911

[Issue Tracking] https://bugzilla.novell.com/show_bug.cgi?id=772899

Scores

EPSS 0.0026

EPSS Percentile 48.7%

Details

CWE

CWE-79

Status published

Products (10)

microfocus/edirectory

n/a/n/a

Published Dec 25, 2012

Tracked Since Feb 18, 2026