Vulnerabilities > Microfocus > Self Service Password Reset > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-03-24 | CVE-2016-1599 | Cross-site Scripting vulnerability in Microfocus Self Service Password Reset Cross-site scripting (XSS) vulnerability in NetIQ Self Service Password Reset (SSPR) 2.x and 3.x before 3.3.1 HF2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 6.1 |