Intrusion Prevention

Novell.eDirectory.IMONITOR.XSS

Description

This indicates an attack attempt against a Cross Site Scripting vulnerability in Novell eDirectory.
The vulnerability is due to insufficient validation of user supplied data in the application. A remote attacker can exploit this to execute arbitrary script code within context of the user browser.

Affected Products

Novell eDirectory prior to 8.8 SP8 patch 4

Impact

System Compromise: Remote attackers can execute arbitrary script code within the context of the target user's browser

Recommended Actions

Apply the most recent upgrade or patch from the vendor
https://www.novell.com/support/kb/doc.php?id=3426981

CVE References

CVE-2014-5212