Vulnerabilities > Microfocus > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-24 | CVE-2019-11647 | Cross-site Scripting vulnerability in Microfocus Netiq Self Service Password Reset A potential XSS exists in Self Service Password Reset, in Micro Focus NetIQ Software all versions prior to version 4.4. | 6.1 |
| 2019-06-19 | CVE-2019-11649 | Cross-site Scripting vulnerability in Microfocus Fortify Software Security Center 17.20/18.10/18.20 Cross-Site Scripting vulnerability in Micro Focus Fortify Software Security Center Server, versions 17.2, 18.1, 18.2, has been identified in Micro Focus Software Security Center. | 5.4 |
| 2019-06-07 | CVE-2019-3477 | Open Redirect vulnerability in Microfocus Solutions Business Manager Micro Focus Solution Business Manager versions prior to 11.4.2 is susceptible to open redirect. | 6.1 |
| 2019-05-02 | CVE-2019-3490 | Cross-site Scripting vulnerability in Microfocus Open Enterprise Server 2015.1/2018.0/2018.1 A DOM based XSS vulnerability has been identified in the Netstorage component of Open Enterprise Server (OES) allowing a remote attacker to execute javascript in the victims browser by tricking the victim into clicking on a specially crafted link. | 6.1 |
| 2019-03-27 | CVE-2018-19644 | Cross-site Scripting vulnerability in Microfocus Solutions Business Manager Reflected cross site script issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | 6.1 |
| 2019-02-20 | CVE-2019-3474 | Path Traversal vulnerability in Microfocus Filr 3.0 A path traversal vulnerability in the web application component of Micro Focus Filr 3.x allows a remote attacker authenticated as a low privilege user to download arbitrary files from the Filr server. | 6.5 |
| 2018-12-13 | CVE-2018-7691 | Unspecified vulnerability in Microfocus Fortify Software Security Center 17.10/17.20/18.10 A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access | 6.5 |
| 2018-12-13 | CVE-2018-7690 | Unspecified vulnerability in Microfocus Fortify Software Security Center 17.10/17.20/18.10 A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access | 6.5 |
| 2018-12-12 | CVE-2018-17952 | Cross-site Scripting vulnerability in Microfocus Edirectory Cross site scripting vulnerability in eDirectory prior to 9.1 SP2 | 6.1 |
| 2018-12-12 | CVE-2018-17949 | Cross-site Scripting vulnerability in Microfocus Imanager Cross site scripting vulnerability in iManager prior to 3.1 SP2. | 6.1 |