Cross-Site Scripting Vulnerability in Novell ZENworks Configuration Management
CVE-2013-1097

Currently unrated

Key Information:

Vendor

Novell
Status
Zenworks Configuration Management
Vendor
CVE Published:
17 June 2013

What is CVE-2013-1097?

A Cross-Site Scripting (XSS) vulnerability exists in the ZCC page of njwc.jar in Novell ZENworks Configuration Management, which affects versions prior to the 11.2.3a Monthly Update 1. This vulnerability enables remote attackers to inject arbitrary web scripts or HTML into pages, specifically through onload event vectors. Exploiting this flaw could lead to unauthorized actions on behalf of users, compromising user data and session integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.novell.com/support/kb/doc.php?id=7012027
x_refsource_CONFIRM
http://www.novell.com/support/kb/doc.php?id=7012025
x_refsource_CONFIRM
http://www.novell.com/support/kb/doc.php?id=7012502
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.