CVE-2019-11651

Reflected XSS on Micro Focus Enterprise Developer and Enterprise Server, all versions prior to version 3.0 Patch Update 20, version 4.0 Patch Update 12, and version 5.0 Patch Update 2. The vulnerability could be exploited to redirect a user to a malicious page or forge certain types of web requests.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.1 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
microfocusCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 47%
VendorProductVersion
microfocusenterprise_developer
3.0
microfocusenterprise_developer
3.0:patch_1
microfocusenterprise_developer
3.0:patch_10
microfocusenterprise_developer
3.0:patch_11
microfocusenterprise_developer
3.0:patch_12
microfocusenterprise_developer
3.0:patch_13
microfocusenterprise_developer
3.0:patch_14
microfocusenterprise_developer
3.0:patch_15
microfocusenterprise_developer
3.0:patch_16
microfocusenterprise_developer
3.0:patch_17
microfocusenterprise_developer
3.0:patch_18
microfocusenterprise_developer
3.0:patch_19
microfocusenterprise_developer
3.0:patch_2
microfocusenterprise_developer
3.0:patch_3
microfocusenterprise_developer
3.0:patch_4
microfocusenterprise_developer
3.0:patch_5
microfocusenterprise_developer
3.0:patch_6
microfocusenterprise_developer
3.0:patch_7
microfocusenterprise_developer
3.0:patch_8
microfocusenterprise_developer
3.0:patch_9
microfocusenterprise_developer
4.0
microfocusenterprise_developer
4.0:patch_1
microfocusenterprise_developer
4.0:patch_10
microfocusenterprise_developer
4.0:patch_11
microfocusenterprise_developer
4.0:patch_2
microfocusenterprise_developer
4.0:patch_3
microfocusenterprise_developer
4.0:patch_4
microfocusenterprise_developer
4.0:patch_5
microfocusenterprise_developer
4.0:patch_6
microfocusenterprise_developer
4.0:patch_7
microfocusenterprise_developer
4.0:patch_8
microfocusenterprise_developer
4.0:patch_9
microfocusenterprise_developer
5.0
microfocusenterprise_developer
5.0:patch_1
microfocusenterprise_server
3.0
microfocusenterprise_server
3.0:patch_1
microfocusenterprise_server
3.0:patch_10
microfocusenterprise_server
3.0:patch_11
microfocusenterprise_server
3.0:patch_12
microfocusenterprise_server
3.0:patch_13
microfocusenterprise_server
3.0:patch_14
microfocusenterprise_server
3.0:patch_15
microfocusenterprise_server
3.0:patch_16
microfocusenterprise_server
3.0:patch_17
microfocusenterprise_server
3.0:patch_18
microfocusenterprise_server
3.0:patch_19
microfocusenterprise_server
3.0:patch_2
microfocusenterprise_server
3.0:patch_3
microfocusenterprise_server
3.0:patch_4
microfocusenterprise_server
3.0:patch_5
microfocusenterprise_server
3.0:patch_6
microfocusenterprise_server
3.0:patch_7
microfocusenterprise_server
3.0:patch_8
microfocusenterprise_server
3.0:patch_9
microfocusenterprise_server
4.0
microfocusenterprise_server
4.0:patch_1
microfocusenterprise_server
4.0:patch_10
microfocusenterprise_server
4.0:patch_11
microfocusenterprise_server
4.0:patch_2
microfocusenterprise_server
4.0:patch_3
microfocusenterprise_server
4.0:patch_4
microfocusenterprise_server
4.0:patch_5
microfocusenterprise_server
4.0:patch_6
microfocusenterprise_server
4.0:patch_7
microfocusenterprise_server
4.0:patch_8
microfocusenterprise_server
4.0:patch_9
microfocusenterprise_server
5.0
microfocusenterprise_server
5.0:patch_1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://softwaresupport.softwaregrp.com/doc/KM03532232
https://softwaresupport.softwaregrp.com/doc/KM03532232