CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

microfocus

netiq_self_service_password_reset

4 known vulnerabilities · sorted by CVSS score

CVE-2019-11652

CRITICAL9.8

A potential authorization bypass issue was found in Micro Focus Self Service Password Reset (SSPR) versions prior to: 4.4.0.3, 4.3.0.6, and 4.2.0.6. Upgrade to Micro Focus Self Service Password Reset (SSPR) SSPR versions 4.4.0.3, 4.3.0.6, or 4.2.0.6 as appropriate.

microfocus / netiq_self_service_password_reset+2

Network

Published Aug 14, 2019

CVE-2020-11850

HIGH7.3

Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Cross-Site Scripting (XSS). This issue affects Self Service Password Reset before 4.5.0.2 and 4.4.0.6

microfocus / netiq_self_service_password_reset+8

Network

Published Aug 21, 2024

CVE-2019-11647

MEDIUM6.1

A potential XSS exists in Self Service Password Reset, in Micro Focus NetIQ Software all versions prior to version 4.4. The vulnerability could be exploited to enable an XSS attack.

microfocus / netiq_self_service_password_reset

Network

Published Jun 24, 2019

CVE-2019-11674

MEDIUM5.9

Man-in-the-middle vulnerability in Micro Focus Self Service Password Reset, affecting all versions prior to 4.4.0.4. The vulnerability could exploit invalid certificate validation and may result in a man-in-the-middle attack.

microfocus / netiq_self_service_password_reset+4

Network

Published Oct 22, 2019