CVE-2017-7430

MEDIUM

Novell iManager <2.7 SP7 Patch 10 HF1 & NetIQ iManager <3.0.3.1 - XSS

Title source: llm

Description

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a persistent XSS vulnerability in Framework.

References (6)

[Issue Tracking] https://bugzilla.novell.com/show_bug.cgi?id=1024959

[Issue Tracking] https://bugzilla.novell.com/show_bug.cgi?id=1030691

[Various Sources] https://dl.netiq.com/Download?buildid=24FxpmqdThE~

[Various Sources] https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~

[Various Sources] https://www.netiq.com/support/kb/doc.php?id=7016795

[Vendor Advisory] https://www.novell.com/support/kb/doc.php?id=7010166

Scores

CVSS v3 6.1

EPSS 0.0066

EPSS Percentile 70.9%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Classification

CWE

CWE-79

Status published

Affected Products (29)

novell/imanager

novell/imanager

novell/imanager

novell/imanager

novell/imanager

novell/imanager

novell/imanager

novell/imanager

novell/imanager

novell/imanager

novell/imanager

novell/imanager

novell/imanager

novell/imanager

novell/imanager

... and 14 more

Timeline

Published May 03, 2017

Tracked Since Feb 18, 2026