Vulnerability Description
Cross-site scripting (XSS) vulnerability in the Roles Based Provisioning Module 4.0.2 before Field Patch D for Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script or HTML via a taskDetail taskId.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell | Identity Manager Roles Based Provisioning Module | 4.0.2 |
Related Weaknesses (CWE)
References
- http://download.novell.com/Download?buildid=dnDbmYe8PZc~
- http://www.securitytracker.com/id/1029532
- https://bugzilla.novell.com/show_bug.cgi?id=819115
- http://download.novell.com/Download?buildid=dnDbmYe8PZc~
- http://www.securitytracker.com/id/1029532
- https://bugzilla.novell.com/show_bug.cgi?id=819115
FAQ
What is CVE-2013-1096?
CVE-2013-1096 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in the Roles Based Provisioning Module 4.0.2 before Field Patch D for Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script ...
How severe is CVE-2013-1096?
CVE-2013-1096 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-1096?
Check the references section above for vendor advisories and patch information. Affected products include: Novell Identity Manager Roles Based Provisioning Module.