First published: Thu May 02 2019(Updated: )
A DOM based XSS vulnerability has been identified in the Netstorage component of Open Enterprise Server (OES) allowing a remote attacker to execute javascript in the victims browser by tricking the victim into clicking on a specially crafted link. This affects OES versions OES2015SP1, OES2018, and OES2018SP1. Older versions may be affected but were not tested as they are out of support.
Credit: security@microfocus.com security@opentext.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microfocus Open Enterprise Server | =2015.1 | |
Microfocus Open Enterprise Server | =2018.0 | |
Microfocus Open Enterprise Server | =2018.1 | |
=2015.1 | ||
=2018.0 | ||
=2018.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.