CVE-2020-11845
MEDIUMMicro Focus Service Manager 9.50-9.63 - Cross-Site Scripting
Title source: llmDescription
Cross Site Scripting vulnerability in Micro Focus Service Manager product. Affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow remote attackers to inject arbitrary web script or HTML.
References (1)
Core 1
Core References
Various Sources x_refsource_misc
https://softwaresupport.softwaregrp.com/doc/KM03640285
Scores
CVSS v3
6.1
EPSS
0.0021
EPSS Percentile
43.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (1)
microfocus/service_manager
9.50 - 9.63
Published
May 19, 2020
Tracked Since
Feb 18, 2026