Netiq · Netiq Access Manager · CVE-2021-22531
**Name of the Vulnerable Software and Affected Versions**
NetIQ Access Manager versions 4.5 through 5.0
**Description**
A bug exists in the input parameter of Access Manager that allows the supply of invalid characters to trigger a cross-site scripting issue.
**Recommendations**
For versions 4.5 and 5.0, consider restricting input to prevent the supply of invalid characters until a fix is available.
As a temporary workaround, restrict access to the vulnerable input parameter to minimize the risk of exploitation.