Vulnerabilities > Broadcom > Symantec Identity Manager > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-26 | CVE-2023-23949 | Cross-site Scripting vulnerability in Broadcom products An authenticated user can supply malicious HTML and JavaScript code that will be executed in the client browser. | 5.4 |
2023-01-26 | CVE-2023-23950 | Cross-site Scripting vulnerability in Broadcom products User’s supplied input (usually a CRLF sequence) can be used to split a returning response into two responses. | 6.1 |
2023-01-26 | CVE-2023-23951 | Cross-site Scripting vulnerability in Broadcom products Ability to enumerate the Oracle LDAP attributes for the current user by modifying the query used by the application | 6.1 |