PT-2018-18206 · Micro Focus · Micro Focus Solutions Business Manager
Published
2018-06-21
·
Updated
2021-04-09
·
CVE-2018-7680
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Micro Focus Solutions Business Manager versions prior to 11.4
Description
The issue allows HTTP header values to be reflected back, which can be used to manipulate user sessions or conduct further attacks.
Recommendations
For versions prior to 11.4, update to version 11.4 or later to resolve the issue.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Micro Focus Solutions Business Manager