Unrated severityNVD Advisory· Published Jan 7, 2011· Updated Apr 29, 2026

CVE-2010-4324

Description

Cross-site scripting (XSS) vulnerability in the Approval Form in the User Application in the Roles Based Provisioning Module 3.7.0 before 370D in Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected products

Novell/Identity Manager
cpe:2.3:a:novell:identity_manager:*:*:*:*:*:*:*:*
Novell/Identity Manager Roles Based Provisioning Module
cpe:2.3:a:novell:identity_manager_roles_based_provisioning_module:*:*:*:*:*:*:*:*
Range: <=3.7.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/42819nvdVendor Advisory
www.vupen.com/english/advisories/2011/0038nvdVendor Advisory
osvdb.org/70298nvd
support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5085293.htmlnvd
www.securityfocus.com/bid/45692nvd
www.securitytracker.com/idnvd
bugzilla.novell.com/show_bug.cginvd
exchange.xforce.ibmcloud.com/vulnerabilities/64501nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000