A reflected cross site scripting attack in the NetIQ Access Manager before 4.3.3 using the "typecontainerid" parameter of the policy editor could allowed code injection into pages of authenticated users.Referenceshttps://www.novell.com/support/kb/doc.php?id=7022356
