CVE-2007-4557

Currently unrated

Key Information:

Vendor: Novell
Status: Groupwise Webaccess
Vendor: CVE Published:; 28 August 2007

Summary

Cross-site scripting (XSS) vulnerability in the webacc servlet in Novell GroupWise 6.5 WebAccess allows remote attackers to inject arbitrary web script or HTML via the User.Id parameter, as demonstrated by a URL within a url field in a STYLE element, possibly due to an incomplete fix for CVE-2004-2103.2.

References

http://0x000000.com/index.php?i=409

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 28, 2007

Collectors

NVD DatabaseMitre Database