Vulnerabilities > Microfocus > Netiq Self Service Password Reset

DATE CVE VULNERABILITY TITLE RISK
2024-08-21 CVE-2020-11850 Cross-site Scripting vulnerability in Microfocus Netiq Self Service Password Reset
Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Cross-Site Scripting (XSS). This issue affects Self Service Password Reset before 4.5.0.2 and 4.4.0.6
network
low complexity
microfocus CWE-79
6.1
2019-10-22 CVE-2019-11674 Improper Certificate Validation vulnerability in Microfocus Netiq Self Service Password Reset
Man-in-the-middle vulnerability in Micro Focus Self Service Password Reset, affecting all versions prior to 4.4.0.4.
network
high complexity
microfocus CWE-295
5.9
2019-08-14 CVE-2019-11652 Unspecified vulnerability in Microfocus Netiq Self Service Password Reset
A potential authorization bypass issue was found in Micro Focus Self Service Password Reset (SSPR) versions prior to: 4.4.0.3, 4.3.0.6, and 4.2.0.6.
network
low complexity
microfocus
critical
9.8
2019-06-24 CVE-2019-11647 Cross-site Scripting vulnerability in Microfocus Netiq Self Service Password Reset
A potential XSS exists in Self Service Password Reset, in Micro Focus NetIQ Software all versions prior to version 4.4.
network
low complexity
microfocus CWE-79
6.1