{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Novell eDirectory 8.8.2 et versions ant\u00e9rieures pour Windows 2000 ;","product":{"name":"N/A","vendor":{"name":"Novell","scada":false}}},{"description":"Novell eDirectory 8.7.3.9 et versions ant\u00e9rieures pour Windows 2000 ;","product":{"name":"N/A","vendor":{"name":"Novell","scada":false}}},{"description":"Novell eDirectory 8.8.2 et versions ant\u00e9rieures pour Linux ;","product":{"name":"N/A","vendor":{"name":"Novell","scada":false}}},{"description":"Novell eDirectory 8.8.2 et versions ant\u00e9rieures pour Windows 2003 ;","product":{"name":"N/A","vendor":{"name":"Novell","scada":false}}},{"description":"Novell eDirectory 8.8.2 et versions ant\u00e9rieures pour Solaris ;","product":{"name":"N/A","vendor":{"name":"Novell","scada":false}}},{"description":"Novell eDirectory 8.7.3.9 et versions ant\u00e9rieures pour Linux ;","product":{"name":"N/A","vendor":{"name":"Novell","scada":false}}},{"description":"Novell eDirectory 8.7.3.9 et versions ant\u00e9rieures pour Windows 2003 ;","product":{"name":"N/A","vendor":{"name":"Novell","scada":false}}},{"description":"Novell eDirectory 8.7.3.9 et versions ant\u00e9rieures pour Solaris ;","product":{"name":"N/A","vendor":{"name":"Novell","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans l'interface iMonitor de Novell\neDirectory. Cette interface ne g\u00e8re pas correctement le retour de\ncertains pages et permet ainsi d'effectuer des attaques par injection de\ncode indirecte (Cross Site Scripting).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2008-0925","url":"https://www.cve.org/CVERecord?id=CVE-2008-0925"}],"links":[],"reference":"CERTA-2008-AVI-330","revisions":[{"description":"version initiale.","revision_date":"2008-06-20T00:00:00.000000"}],"risks":[{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":"Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Novell eDirectory.\nL'exploitation de celle-ci conduit \u00e0 une attaque par injection de code\nindirecte (<span class=\"textit\">Cross Site Scripting</span>).\n","title":"Vuln\u00e9rabilit\u00e9 de Novell eDirectory","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Novell 3460217","url":"http://www.novell.com/support/viewContent.do?externalId=3460217&sliceId=1"}]}