CVE-2022-26325

Name of the Vulnerable Software and Affected Versions NetIQ Access Manager versions prior to 5.0.2

Description The issue is a Reflected Cross Site Scripting (XSS) vulnerability. This means an attacker can inject malicious scripts into a website, which are then executed by the user's browser. The estimated number of potentially affected devices worldwide is not specified. There is no information provided about real-world incidents where this issue was exploited.

Recommendations For versions prior to 5.0.2, update to version 5.0.2 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the application to minimize the risk of exploitation. Avoid using potentially vulnerable API endpoints until the issue is resolved.