Cross site scripting

2008-08-0618:41:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.4%

JSON

Cross-site scripting (XSS) vulnerability in the WebAccess simple interface in Novell Groupwise 7.0.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CPENameOperatorVersion
groupwiseeq7.0
groupwiseeq7.0.2
groupwiseeq7.0 sp1
groupwiseeq7.0 sp3
groupwiseeq7.0.3
groupwiseeq7.0 sp2

Name	Operator	Version
groupwise	eq	7.0
groupwise	eq	7.0.2
groupwise	eq	7.0 sp1
groupwise	eq	7.0 sp3
groupwise	eq	7.0.3
groupwise	eq	7.0 sp2

References

secunia.com/advisories/30839

support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028200.html

support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028303.html

www.securityfocus.com/bid/29922

www.securitytracker.com/id?1020359

www.vupen.com/english/advisories/2008/1929/references

exchange.xforce.ibmcloud.com/vulnerabilities/43326