Novell GroupWise WebAccess Error Module About Page XSS

ID OSVDB:13134
Type osvdb
Reporter OSVDB
Modified 2005-01-22T02:46:12


Technical Description

If the about.htt has been deleted (as a precaution to avoid this XSS issue), requesting https://[target]/servlet/webacc?merge=about will disclose the intallation path of the GroupWise software.


Vendor URL: Security Tracker: 1012928 Related OSVDB ID: 13135 Mail List Post: Mail List Post: