CVE-2019-11651

Reflected XSS on Micro Focus Enterprise Developer and Enterprise Server, all versions prior to version 3.0 Patch Update 20, version 4.0 Patch Update 12, and version 5.0 Patch Update 2. The vulnerability could be exploited to redirect a user to a malicious page or forge certain types of web requests.

Published : 2019-10-02 21:15 Updated : 2019-10-10 19:37

4.3
CVSS Score More info
Score 4.3 / 10
4.3
Vendor Product Version URI
Microfocus Enterprise Developer 3.0 cpe:/a:microfocus:enterprise_developer:3.0:-
Microfocus Enterprise Developer 3.0 cpe:/a:microfocus:enterprise_developer:3.0:patch_1
Microfocus Enterprise Developer 3.0 cpe:/a:microfocus:enterprise_developer:3.0:patch_10
Microfocus Enterprise Developer 3.0 cpe:/a:microfocus:enterprise_developer:3.0:patch_11
Microfocus Enterprise Developer 3.0 cpe:/a:microfocus:enterprise_developer:3.0:patch_12
Microfocus Enterprise Developer 3.0 cpe:/a:microfocus:enterprise_developer:3.0:patch_13
Microfocus Enterprise Developer 3.0 cpe:/a:microfocus:enterprise_developer:3.0:patch_14
Microfocus Enterprise Developer 3.0 cpe:/a:microfocus:enterprise_developer:3.0:patch_15
Microfocus Enterprise Developer 3.0 cpe:/a:microfocus:enterprise_developer:3.0:patch_16
Microfocus Enterprise Developer 3.0 cpe:/a:microfocus:enterprise_developer:3.0:patch_17
Microfocus Enterprise Developer 3.0 cpe:/a:microfocus:enterprise_developer:3.0:patch_18
Microfocus Enterprise Developer 3.0 cpe:/a:microfocus:enterprise_developer:3.0:patch_19
Microfocus Enterprise Developer 3.0 cpe:/a:microfocus:enterprise_developer:3.0:patch_2
Microfocus Enterprise Developer 3.0 cpe:/a:microfocus:enterprise_developer:3.0:patch_3
Microfocus Enterprise Developer 3.0 cpe:/a:microfocus:enterprise_developer:3.0:patch_4
Microfocus Enterprise Developer 3.0 cpe:/a:microfocus:enterprise_developer:3.0:patch_5
Microfocus Enterprise Developer 3.0 cpe:/a:microfocus:enterprise_developer:3.0:patch_6
Microfocus Enterprise Developer 3.0 cpe:/a:microfocus:enterprise_developer:3.0:patch_7
Microfocus Enterprise Developer 3.0 cpe:/a:microfocus:enterprise_developer:3.0:patch_8
Microfocus Enterprise Developer 3.0 cpe:/a:microfocus:enterprise_developer:3.0:patch_9
Microfocus Enterprise Developer 4.0 cpe:/a:microfocus:enterprise_developer:4.0:-
Microfocus Enterprise Developer 4.0 cpe:/a:microfocus:enterprise_developer:4.0:patch_1
Microfocus Enterprise Developer 4.0 cpe:/a:microfocus:enterprise_developer:4.0:patch_10
Microfocus Enterprise Developer 4.0 cpe:/a:microfocus:enterprise_developer:4.0:patch_11
Microfocus Enterprise Developer 4.0 cpe:/a:microfocus:enterprise_developer:4.0:patch_2
Microfocus Enterprise Developer 4.0 cpe:/a:microfocus:enterprise_developer:4.0:patch_3
Microfocus Enterprise Developer 4.0 cpe:/a:microfocus:enterprise_developer:4.0:patch_4
Microfocus Enterprise Developer 4.0 cpe:/a:microfocus:enterprise_developer:4.0:patch_5
Microfocus Enterprise Developer 4.0 cpe:/a:microfocus:enterprise_developer:4.0:patch_6
Microfocus Enterprise Developer 4.0 cpe:/a:microfocus:enterprise_developer:4.0:patch_7
Microfocus Enterprise Developer 4.0 cpe:/a:microfocus:enterprise_developer:4.0:patch_8
Microfocus Enterprise Developer 4.0 cpe:/a:microfocus:enterprise_developer:4.0:patch_9
Microfocus Enterprise Developer 5.0 cpe:/a:microfocus:enterprise_developer:5.0:-
Microfocus Enterprise Developer 5.0 cpe:/a:microfocus:enterprise_developer:5.0:patch_1
Microfocus Enterprise Server 3.0 cpe:/a:microfocus:enterprise_server:3.0:-
Microfocus Enterprise Server 3.0 cpe:/a:microfocus:enterprise_server:3.0:patch_1
Microfocus Enterprise Server 3.0 cpe:/a:microfocus:enterprise_server:3.0:patch_10
Microfocus Enterprise Server 3.0 cpe:/a:microfocus:enterprise_server:3.0:patch_11
Microfocus Enterprise Server 3.0 cpe:/a:microfocus:enterprise_server:3.0:patch_12
Microfocus Enterprise Server 3.0 cpe:/a:microfocus:enterprise_server:3.0:patch_13
Microfocus Enterprise Server 3.0 cpe:/a:microfocus:enterprise_server:3.0:patch_14
Microfocus Enterprise Server 3.0 cpe:/a:microfocus:enterprise_server:3.0:patch_15
Microfocus Enterprise Server 3.0 cpe:/a:microfocus:enterprise_server:3.0:patch_16
Microfocus Enterprise Server 3.0 cpe:/a:microfocus:enterprise_server:3.0:patch_17
Microfocus Enterprise Server 3.0 cpe:/a:microfocus:enterprise_server:3.0:patch_18
Microfocus Enterprise Server 3.0 cpe:/a:microfocus:enterprise_server:3.0:patch_19
Microfocus Enterprise Server 3.0 cpe:/a:microfocus:enterprise_server:3.0:patch_2
Microfocus Enterprise Server 3.0 cpe:/a:microfocus:enterprise_server:3.0:patch_3
Microfocus Enterprise Server 3.0 cpe:/a:microfocus:enterprise_server:3.0:patch_4
Microfocus Enterprise Server 3.0 cpe:/a:microfocus:enterprise_server:3.0:patch_5
Microfocus Enterprise Server 3.0 cpe:/a:microfocus:enterprise_server:3.0:patch_6
Microfocus Enterprise Server 3.0 cpe:/a:microfocus:enterprise_server:3.0:patch_7
Microfocus Enterprise Server 3.0 cpe:/a:microfocus:enterprise_server:3.0:patch_8
Microfocus Enterprise Server 3.0 cpe:/a:microfocus:enterprise_server:3.0:patch_9
Microfocus Enterprise Server 4.0 cpe:/a:microfocus:enterprise_server:4.0:-
Microfocus Enterprise Server 4.0 cpe:/a:microfocus:enterprise_server:4.0:patch_1
Microfocus Enterprise Server 4.0 cpe:/a:microfocus:enterprise_server:4.0:patch_10
Microfocus Enterprise Server 4.0 cpe:/a:microfocus:enterprise_server:4.0:patch_11
Microfocus Enterprise Server 4.0 cpe:/a:microfocus:enterprise_server:4.0:patch_2
Microfocus Enterprise Server 4.0 cpe:/a:microfocus:enterprise_server:4.0:patch_3
Microfocus Enterprise Server 4.0 cpe:/a:microfocus:enterprise_server:4.0:patch_4
Microfocus Enterprise Server 4.0 cpe:/a:microfocus:enterprise_server:4.0:patch_5
Microfocus Enterprise Server 4.0 cpe:/a:microfocus:enterprise_server:4.0:patch_6
Microfocus Enterprise Server 4.0 cpe:/a:microfocus:enterprise_server:4.0:patch_7
Microfocus Enterprise Server 4.0 cpe:/a:microfocus:enterprise_server:4.0:patch_8
Microfocus Enterprise Server 4.0 cpe:/a:microfocus:enterprise_server:4.0:patch_9
Microfocus Enterprise Server 5.0 cpe:/a:microfocus:enterprise_server:5.0:-
Microfocus Enterprise Server 5.0 cpe:/a:microfocus:enterprise_server:5.0:patch_1
  1. Microfocus (2) Search CVE
    1. Enterprise Server (3) Search CVE
      1. 3.0
      2. 4.0
      3. 5.0
    2. Enterprise Developer (3) Search CVE
      1. 3.0
      2. 4.0
      3. 5.0

CWE

ID Name Description Links
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. CVE

History of changes

Date Event
2019-10-10 19:37
2019-10-02 21:15

New CVE