cpe:/a:openidm_project:openidm:4.0.0 cpe:/a:openidm_project:openidm:4.5.0 CVE-2017-7590 2017-04-08T21:59:00.230-04:00 2017-04-28T21:59:02.023-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BID 98044 MISC http://www.rootlabs.com.br/forgerock-persistent-and-reflected-cross-site-scripting-xss/ CONFIRM https://backstage.forgerock.com/knowledge/kb/article/a92936505 OpenIDM through 4.0.0 and 4.5.0 is vulnerable to persistent cross-site scripting (XSS) attacks within the Admin UI, as demonstrated by a crafted Managed Object Name.