CVE-2018-6495

Cross-Site Scripting (XSS) in Micro Focus Universal CMDB, version 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.0, CMS, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1 and Micro Focus UCMDB Browser, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1. This vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS).
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microfocus:universal_cmdb:0.20:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:universal_cmdb:10.21:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:universal_cmdb:10.22:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:universal_cmdb:10.30:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:universal_cmdb:10.31:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:universal_cmdb:10.32:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:universal_cmdb:10.33:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:universal_cmdb:11.0:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:microfocus:universal_cmdb_browser:4.10:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:universal_cmdb_browser:4.11:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:universal_cmdb_browser:4.12:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:universal_cmdb_browser:4.13:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:universal_cmdb_browser:4.14:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:universal_cmdb_browser:4.15.1:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:microfocus:cms_server:4.10:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:cms_server:4.11:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:cms_server:4.12:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:cms_server:4.13:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:cms_server:4.14:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:cms_server:4.15.1:*:*:*:*:*:*:*

Information

Published : 2018-05-23 11:29

Updated : 2023-03-03 11:02


NVD link : CVE-2018-6495

Mitre link : CVE-2018-6495


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

microfocus

  • universal_cmdb_browser
  • cms_server
  • universal_cmdb