Reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilities in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allow remote authenticated attackers to bypass protection mechanisms (CWE-693) and other security features, if this component is configured. Note esfadmingui is not enabled by default.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: microfocus
Published: 2017-08-19T00:00:00
Updated: 2021-01-06T16:15:47
Reserved: 2017-04-05T00:00:00
Link: CVE-2017-7422
JSON object: View
NVD Information
Status : Modified
Published: 2017-08-21T15:29:00.293
Modified: 2023-11-07T02:50:04.633
Link: CVE-2017-7422
JSON object: View
Redhat Information
No data.
CWE