Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2005-2276
HistoryJul 26, 2005 - 4:00 a.m.

CVE-2005-2276

2005-07-2604:00:00
[email protected]
web.nvd.nist.gov
34
security
vulnerability
xss
novell groupwise
webaccess
6.5
nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.3%

JSON

Cross-site scripting (XSS) vulnerability in Novell Groupwise WebAccess 6.5 before July 11, 2005 allows remote attackers to inject arbitrary web script or HTML via an e-mail message with an encoded javascript URI (e.g. “j&#X41vascript” in an IMG tag.

Affected configurations

NVD
Node
novellgroupwise_webaccessMatch6.0sp4
OR
novellgroupwise_webaccessMatch6.5
OR
novellgroupwise_webaccessMatch6.5sp1
OR
novellgroupwise_webaccessMatch6.5sp2
OR
novellgroupwise_webaccessMatch6.5sp3
OR
novellgroupwise_webaccessMatch6.5sp4

Related

cvelist 1
nessus 2
securityvulns 1
nvd 1
cvelist
cvelist
CVE-2005-2276
2005-07-26 04:00:00
nessus
nessus
Novell GroupWise WebAccess Email IMG SRC XSS
2005-07-20 00:00:00
CGI Generic XSS (comprehensive test)
2010-07-26 00:00:00
securityvulns
securityvulns
[Full-disclosure] [ISR] - Novell Groupwise WebAccess Cross-Site Scripting
2005-07-19 00:00:00
nvd
nvd
CVE-2005-2276
2005-07-26 04:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.3%

JSON
Related for CVE-2005-2276
cvelist1nessus2securityvulns1nvd1