Vulnerabilities > Netiq > Privileged Account Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-03-05 CVE-2017-7437 Cross-site Scripting vulnerability in Netiq Privileged Account Manager 3.1
NetIQ Privileged Account Manager before 3.1 Patch Update 3 allowed cross site scripting attacks via the "type" and "account" parameters of json requests.
network
low complexity
netiq CWE-79
6.1
6.1
2018-03-02 CVE-2017-7438 Cross-site Scripting vulnerability in Netiq Privileged Account Manager 3.1
NetIQ Privileged Account Manager before 3.1 Patch Update 3 allowed cross site scripting attacks via javascript DOM modification using the supplied cookie parameter.
network
low complexity
netiq CWE-79
6.1
6.1