Lucene search

PRIOn knowledge basePRION:CVE-2013-1086

HistoryApr 19, 2013 - 11:44 a.m.

Cross site scripting

2013-04-1911:44:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

76.2%

JSON

Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise before 8.0.3 HP3, and 2012 before SP2, allows remote attackers to inject arbitrary web script or HTML via vectors involving an onError attribute.

CPENameOperatorVersion
groupwiseeq2012
groupwiseeq2012 sp1-hp1
groupwiseeq2012 sp1
groupwiseeq7.0.4
groupwiseeq6.5 sp5
groupwiseeq6.0
groupwiseeq7.0
groupwiseeq7.3 hp2
groupwiseeq8.0 hp3
groupwiseeq8.2 hp2

Name	Operator	Version
groupwise	eq	2012
groupwise	eq	2012 sp1-hp1
groupwise	eq	2012 sp1
groupwise	eq	7.0.4
groupwise	eq	6.5 sp5
groupwise	eq	6.0
groupwise	eq	7.0
groupwise	eq	7.3 hp2
groupwise	eq	8.0 hp3
groupwise	eq	8.2 hp2

Rows per page:

1-10 of 501

References

secunia.com/advisories/53098

www.novell.com/support/kb/doc.php?id=7012064

bugzilla.novell.com/show_bug.cgi?id=802906

6.1 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

76.2%

JSON

Related for PRION:CVE-2013-1086