CVE-2019-11651
Last modified
CVE-2019-11651 is a medium-severity vulnerability rated 6.1/10 on the CVSS scale. Reflected XSS on Micro Focus Enterprise Developer and Enterprise Server, all versions prior to version 3.0 Patch Update 20, version 4.0 Patch Update 12, and version 5.0 Patch Update 2. The vulnerability could be exploited to redirect a user to a malicious page or forge certain types of web requests.. EPSS estimates a 0.78% chance of exploitation in the next 30 days.
Description
Reflected XSS on Micro Focus Enterprise Developer and Enterprise Server, all versions prior to version 3.0 Patch Update 20, version 4.0 Patch Update 12, and version 5.0 Patch Update 2. The vulnerability could be exploited to redirect a user to a malicious page or forge certain types of web requests.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Microfocus | Enterprise Developer | 3.0 |
| Microfocus | Enterprise Developer | 4.0 |
| Microfocus | Enterprise Developer | 5.0 |
| Microfocus | Enterprise Server | 3.0 |
| Microfocus | Enterprise Server | 4.0 |
| Microfocus | Enterprise Server | 5.0 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2019-11651?
How severe is CVE-2019-11651?
How do I fix CVE-2019-11651?
Are you affected by CVE-2019-11651?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST