Cross-site scripting vulnerability with Identity Server endpoints (CVE-2018-12480)

  • Document ID:7023513
  • Creation Date:12-Nov-2018
  • Modified Date:12-Nov-2018
    • Micro Focus Products:
      Access Manager (NAM)

Environment


Access Manager 4.4

Identity Provider Server

CVE-2018-12480

Situation

This addresses XSS vulnerabilities in the Access Manager Identity Provider Server product.

Resolution

Fixed in 4.4.3

Status

Security Alert