CVE-2018-7681
Summary
| CVE | CVE-2018-7681 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-06-21 19:29:00 UTC |
| Updated | 2023-11-07 03:01:00 UTC |
| Description | Micro Focus Solutions Business Manager versions prior to 11.4 allows JavaScript to be embedded in URLs placed in "Favorites" folder. If the user has certain administrative privileges then this vulnerability can impact other users in the system. |
Risk And Classification
Problem Types: CWE-79
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microfocus | Solutions Business Manager | All | All | All | All |
| Application | Micro Focus | Solutions Business Manager | All | All | All | All |
| Application | Micro Focus | Solutions Business Manager | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| SBM 11.4 Release Notes | CONFIRM | help.serena.com | Release Notes, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.