Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise before 8.0.3 HP3, and 2012 before SP2, allows remote attackers to inject arbitrary web script or HTML via vectors involving an onError attribute.
References
Link | Resource |
---|---|
http://secunia.com/advisories/53098 | Permissions Required |
http://www.novell.com/support/kb/doc.php?id=7012064 | Third Party Advisory Vendor Advisory |
https://bugzilla.novell.com/show_bug.cgi?id=802906 | Issue Tracking |
http://secunia.com/advisories/53098 | Permissions Required |
http://www.novell.com/support/kb/doc.php?id=7012064 | Third Party Advisory Vendor Advisory |
https://bugzilla.novell.com/show_bug.cgi?id=802906 | Issue Tracking |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
21 Nov 2024, 01:48
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/53098 - Permissions Required | |
References | () http://www.novell.com/support/kb/doc.php?id=7012064 - Third Party Advisory, Vendor Advisory | |
References | () https://bugzilla.novell.com/show_bug.cgi?id=802906 - Issue Tracking |
Information
Published : 2013-04-19 11:44
Updated : 2024-11-21 01:48
NVD link : CVE-2013-1086
Mitre link : CVE-2013-1086
CVE.ORG link : CVE-2013-1086
JSON object : View
Products Affected
novell
- groupwise
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')