CVE-2013-1086

Currently unrated

Key Information:

Vendor: Novell
Status: Groupwise
Vendor: CVE Published:; 19 April 2013

Summary

Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise before 8.0.3 HP3, and 2012 before SP2, allows remote attackers to inject arbitrary web script or HTML via vectors involving an onError attribute.

References

http://www.novell.com/support/kb/doc.php?id=7012064

x_refsource_CONFIRM

https://bugzilla.novell.com/show_bug.cgi?id=802906

x_refsource_CONFIRM

http://secunia.com/advisories/53098

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Apr 19, 2013
Vulnerability Reserved
Jan 11, 2013

Collectors

NVD DatabaseMitre Database