CVE-2009-4662

2010-03-0320:00:00

mitre

www.cve.org

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

61.3%

JSON

Cross-site scripting (XSS) vulnerability in the WebAccess component in Novell GroupWise 7.0 before 7.03 HP4 and 8.0 before 8.0 SP1 allows remote attackers to inject arbitrary web script or HTML via the User.Theme.index parameter.

References

secunia.com/advisories/36746

www.novell.com/support/viewContent.do?externalId=7004410&sliceId=1

www.securityfocus.com/bid/36437

www.securitytracker.com/id?1022910

www.vupen.com/english/advisories/2009/2689

exchange.xforce.ibmcloud.com/vulnerabilities/53322