CVE-2020-11850

Severity CVSS v4.0:
Pending analysis
Type:
CWE-79 Cross-Site Scripting (XSS)
Publication date:
21/08/2024
Last modified:
23/08/2024

Description

Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Cross-Site Scripting (XSS). This issue affects Self Service Password Reset before 4.5.0.2 and 4.4.0.6

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:microfocus:netiq_self_service_password_reset:*:*:*:*:*:*:*:* 4.4 (excluding)
cpe:2.3:a:microfocus:netiq_self_service_password_reset:4.4:-:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_self_service_password_reset:4.4:update_1:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_self_service_password_reset:4.4:update_2:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_self_service_password_reset:4.4:update_3:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_self_service_password_reset:4.4:update_4:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_self_service_password_reset:4.4:update_5:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_self_service_password_reset:4.5:-:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_self_service_password_reset:4.5:update_1:*:*:*:*:*:*