Cross-Site Scripting Vulnerability in Novell GroupWise WebAccess
CVE-2006-3817

Currently unrated

Key Information:

Vendor

Novell
Status
Groupwise Webaccess
Vendor
CVE Published:
11 August 2006

What is CVE-2006-3817?

A cross-site scripting vulnerability exists in Novell GroupWise WebAccess versions 6.5 and 7 prior to July 27, 2006. This vulnerability allows remote attackers to inject arbitrary web scripts or HTML code via an encoded SCRIPT element contained in an email message utilizing the UTF-7 character set. Exploiting this flaw could enable attackers to potentially execute malicious scripts in the context of the affected user's session, leading to unauthorized actions or data exposure.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/archive/1/442719/100/100/thr...
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/bid/19297
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/28211
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.