CVE-2019-18942
MEDIUMMicro Focus Solutions Business Manager <11.7.1 - XSS
Title source: llmDescription
Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to stored XSS. The application reflects previously stored user input without encoding.
References (1)
Core 1
Core References
Various Sources x_refsource_confirm
http://knowledgebase.serena.com/resources/sites/KNOWLEDGEBASE/content/live/SOLUTIONS/142000/S142001/en_US/sbm_11.7.1_security_bulletin.htm
Scores
CVSS v3
5.5
EPSS
0.0007
EPSS Percentile
21.7%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Details
CWE
CWE-79
Status
published
Products (1)
microfocus/solutions_business_manager
< 11.7.1
Published
Feb 26, 2021
Tracked Since
Feb 18, 2026