Cross-Site Scripting Vulnerabilities in Novell GroupWise by Novell
CVE-2011-2661

Currently unrated

Key Information:

Vendor: Novell
Status: Groupwise
Vendor: CVE Published:; 8 October 2011

Summary

Multiple cross-site scripting (XSS) vulnerabilities exist in Novell GroupWise 8.0 before HP3, which allow remote attackers to inject arbitrary web scripts or HTML code. This is achieved through manipulating the 'Directory.Item.name' and 'Directory.Item.displayName' parameters, potentially compromising user data and undermining web application integrity.

References

https://bugzilla.novell.com/show_bug.cgi?id=702786

x_refsource_CONFIRM

http://www.novell.com/support/viewContent.do?externalId=7...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Oct 8, 2011