A potential vulnerability has been identified in Micro Focus Operations Bridge - Containerized. The vulnerability could be exploited by a malicious authenticated OBM (Operations Bridge Manager) user to run Java Scripts in the browser context of another OBM user. Please note: The vulnerability is only applicable if the Operations Bridge Manager capability is deployed. A potential vulnerability has been identified in Micro Focus Operations Bridge Manager (OBM). The vulnerability could be exploited by a malicious authenticated OBM user to run Java Scripts in the browser context of another OBM user. This issue affects: Micro Focus Micro Focus Operations Bridge Manager versions prior to 2022.11. Micro Focus Micro Focus Operations Bridge- Containerized versions prior to 2022.11.
References
Link | Resource |
---|---|
https://marketplace.microfocus.com/itom/content/operations-bridge-manager-obm-2022-05-hotfixes | Product Vendor Advisory |
https://portal.microfocus.com/s/article/KM000012517?language=en_US | Vendor Advisory |
https://portal.microfocus.com/s/article/KM000012518?language=en_US | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2022-12-08 08:15
Updated : 2022-12-12 07:34
NVD link : CVE-2022-38754
Mitre link : CVE-2022-38754
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
microfocus
- operations_bridge_manager
- operations_bridge