Cross-Site Scripting Vulnerability in Novell Open Enterprise Server
CVE-2014-0599

Currently unrated

Key Information:

Vendor: Novell
Status: Open Enterprise Server
Vendor: CVE Published:; 18 June 2014

What is CVE-2014-0599?

A cross-site scripting vulnerability exists in the iPrint component of Novell Open Enterprise Server (OES) 11 SP1, allowing remote attackers to inject arbitrary web scripts or HTML through unspecified vectors. This flaw could potentially enable attackers to manipulate web pages viewed by users, leading to unauthorized actions or information disclosure.

References

https://www.novell.com/support/kb/doc.php?id=7010867

x_refsource_CONFIRM

http://secunia.com/advisories/59113

third-party-advisoryx_refsource_SECUNIA

https://bugzilla.novell.com/show_bug.cgi?id=869975

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 18, 2014
Vulnerability Reserved
Dec 28, 2013