Lucene search
HistoryOct 03, 2022 - 4:21 p.m.
CVE-2010-2778
cve
2010
2778
xss
webaccess
novell groupwise
security vulnerability
exploit
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.2 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
75.9%
Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to inject arbitrary web script or HTML via a crafted message, related to a “Javascript XSS exploit.”
Affected configurations
Node
novellgroupwiseMatch7.0sp1
ORnovellgroupwiseMatch7.0sp2
ORnovellgroupwiseMatch7.0sp3
ORnovellgroupwiseMatch7.0sp4
ORnovellgroupwiseMatch8.0
ORnovellgroupwiseMatch8.0sp1
| CPE | Name | Operator | Version |
|---|---|---|---|
| novell:groupwise | novell groupwise | eq | 7.0 |
| novell:groupwise | novell groupwise | eq | 8.0 |
Related
prion
prion
Cross site scripting
2011-01-28 22:00:00
nvd
nvd
CVE-2010-2778
2011-01-28 22:00:04
cvelist
cvelist
CVE-2010-2778
2022-10-03 16:21:08
zdi
zdi
Novell Groupwise WebAccess Multiple Cross-Site Scripting Vulnerabilities
2010-07-20 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.2 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
75.9%
Related for CVE-2010-2778