Vulnerabilities > Microfocus > Access Manager > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-12 | CVE-2021-22531 | Cross-site Scripting vulnerability in Microfocus Access Manager 4.5/5.0 A bug exist in the input parameter of Access Manager that allows supply of invalid character to trigger cross-site scripting vulnerability. | 6.1 |
| 2021-09-13 | CVE-2021-22524 | XML Injection (aka Blind XPath Injection) vulnerability in Microfocus Access Manager 5.0 Injection attack caused the denial of service vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 | 4.9 |
| 2021-09-13 | CVE-2021-22526 | Open Redirect vulnerability in Microfocus Access Manager 5.0 Open Redirection vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 | 6.1 |
| 2021-09-13 | CVE-2021-22528 | Cross-site Scripting vulnerability in Microfocus Access Manager 5.0 Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 | 5.4 |
| 2021-09-02 | CVE-2021-22525 | Unspecified vulnerability in Microfocus Access Manager This release addresses a potential information leakage vulnerability in NetIQ Access Manager versions prior to 5.0.1 | 5.5 |
| 2021-03-26 | CVE-2020-25840 | Cross-site Scripting vulnerability in Microfocus Access Manager Cross-Site scripting vulnerability in Micro Focus Access Manager product, affects all version prior to version 5.0. | 6.1 |
| 2018-11-20 | CVE-2018-17948 | Open Redirect vulnerability in Microfocus Access Manager An open redirect vulnerability exists in the Access Manager Identity Provider prior to 4.4 SP3. | 6.1 |
| 2018-11-15 | CVE-2018-12480 | Cross-site Scripting vulnerability in Microfocus Access Manager Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 SP3. | 6.1 |