A OAuth application in NetIQ Access Manager 4.3 before 4.3.2 and 4.2 before 4.2.4 allowed cross site scripting attacks due to unescaped "description" field that could be specified by the provider.

Related CVEs

CVE-2017-7419

Key Information

GHSA ID

GHSA-4xw5-f963-pp9r

Published

May 13, 2022 1:36 AM

Last Modified

May 13, 2022 1:36 AM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: September 16, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.