Vulnerabilities > Microfocus > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-31 | CVE-2022-26331 | Cross-site Scripting vulnerability in Microfocus Arcsight Logger Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. | 6.1 |
| 2022-05-12 | CVE-2021-22531 | Cross-site Scripting vulnerability in Microfocus Access Manager 4.5/5.0 A bug exist in the input parameter of Access Manager that allows supply of invalid character to trigger cross-site scripting vulnerability. | 6.1 |
| 2022-05-02 | CVE-2022-26325 | Cross-site Scripting vulnerability in Microfocus Netiq Access Manager Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.2 | 6.1 |
| 2022-05-02 | CVE-2022-26326 | Open Redirect vulnerability in Microfocus Netiq Access Manager Potential open redirection vulnerability when URL is crafted in specific format in NetIQ Access Manager prior to 5.0.2 | 6.1 |
| 2022-02-04 | CVE-2021-38130 | Unspecified vulnerability in Microfocus Voltage Securemail A potential Information leakage vulnerability has been identified in versions of Micro Focus Voltage SecureMail Mail Relay prior to 7.3.0.1. | 6.5 |
| 2022-01-14 | CVE-2021-38126 | Cross-site Scripting vulnerability in Microfocus Arcsight Enterprise Security Manager 7.4/7.5 Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. | 6.1 |
| 2022-01-14 | CVE-2021-38127 | Cross-site Scripting vulnerability in Microfocus Arcsight Enterprise Security Manager 7.4/7.5 Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. | 6.1 |
| 2021-09-28 | CVE-2021-22535 | Incorrect Authorization vulnerability in Microfocus Netiq Directory and Resource Administrator Unauthorized information security disclosure vulnerability on Micro Focus Directory and Resource Administrator (DRA) product, affecting all DRA versions prior to 10.1 Patch 1. | 4.9 |
| 2021-09-13 | CVE-2021-22524 | XML Injection (aka Blind XPath Injection) vulnerability in Microfocus Access Manager 5.0 Injection attack caused the denial of service vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 | 4.9 |
| 2021-09-13 | CVE-2021-22526 | Open Redirect vulnerability in Microfocus Access Manager 5.0 Open Redirection vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 | 6.1 |