CVE-2017-14801

Name of the Vulnerable Software and Affected Versions: NetIQ Access Manager versions prior to 4.3.3

Description: The issue allows attackers to perform a reflected XSS attack by using the url parameter to reflect back malicious code into the called page.

Recommendations: For versions prior to 4.3.3, update to version 4.3.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the url parameter to minimize the risk of exploitation.