CVE-2017-7421 is a vulnerability in Micro Focus Enterprise Developer
Published on August 21, 2017
Reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilities in Directory Server (aka Enterprise Server Administration web UI) and ESMAC (aka Enterprise Server Monitor and Control) in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allow remote authenticated attackers to bypass protection mechanisms (CWE-693) and other security features.
Weakness Type
What is a XSS Vulnerability?
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CVE-2017-7421 has been classified to as a XSS vulnerability or weakness.
Products Associated with CVE-2017-7421
Want to know whenever a new CVE is published for Micro Focus Enterprise Developer? stack.watch will email you.
Affected Versions
Micro Focus Enterprise Developer, Micro Focus Enterprise Server Version All versions before 2.3 Update 1, 2.3 Update 1 before Hotfix 8, 2.3 Update 2 before Hotfix 9 is affected by CVE-2017-7421Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.