Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise before 8.0.3 HP3, and 2012 before SP2, allows remote attackers to inject arbitrary web script or HTML via vectors involving an onError attribute.
References
Link | Resource |
---|---|
http://secunia.com/advisories/53098 | Permissions Required |
http://www.novell.com/support/kb/doc.php?id=7012064 | Third Party Advisory Vendor Advisory |
https://bugzilla.novell.com/show_bug.cgi?id=802906 | Issue Tracking |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
No history.
Information
Published : 2013-04-19 11:44
Updated : 2024-02-28 12:00
NVD link : CVE-2013-1086
Mitre link : CVE-2013-1086
CVE.ORG link : CVE-2013-1086
JSON object : View
Products Affected
novell
- groupwise
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')