Cross-Site Scripting Vulnerability in Novell Vibe OnPrem Software
CVE-2010-4322

Currently unrated

Key Information:

Vendor: Novell
Status: Vibe Onprem
Vendor: CVE Published:; 7 January 2011

Summary

The Novell Vibe OnPrem 3 BETA software is susceptible to a Cross-Site Scripting (XSS) vulnerability that permits remote authenticated users to inject arbitrary web scripts or HTML. This exploitation primarily occurs through the Micro Blog feature, allowing malicious users to manipulate content displayed to other users. As a result, this poses significant risks to the integrity of the web application and could lead to further security breaches.

References

http://www.solutionary.com/index/SERT/Vuln-Disclosures/No...

x_refsource_MISC

http://www.securityfocus.com/archive/1/515147/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Jan 7, 2011
Vulnerability Reserved
Nov 29, 2010