CVE-2017-14799

Name of the Vulnerable Software and Affected Versions: NetIQ Access Manager versions prior to 4.3.3

Description: A cross-site scripting issue exists in the handling of the ESP login parameter, allowing an attacker to inject JavaScript code into the login page.

Recommendations: For versions prior to 4.3.3, update to version 4.3.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the login page to minimize the risk of exploitation.