CVE-2017-5183

Published: 2017-04-20T18:59Z

Last Modified: 2024-11-21T03:27Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

NetIQ Access Manager 4.2.2 and 4.3.x before 4.3.1+, when configured as an Identity Server, has XSS in the AssertionConsumerServiceURL field of a signed AuthnRequest in a samlp:AuthnRequest document. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt