45 matches found
CVE-2013-1086
Cross-site scripting XSS vulnerability in WebAccess in Novell GroupWise before 8.0.3 HP3, and 2012 before SP2, allows remote attackers to inject arbitrary web script or HTML via vectors involving an onError attribute...
Cross site scripting
Cross-site scripting XSS vulnerability in WebAccess in Novell GroupWise before 8.0.3 HP3, and 2012 before SP2, allows remote attackers to inject arbitrary web script or HTML via vectors involving an onError attribute...
CVE-2013-1086
CVE-2013-1086 is a Cross-site scripting (XSS) vulnerability in WebAccess of Novell GroupWise prior to 8.0.3 HP3, and 2012 prior to SP2. The issue permits remote attackers to inject arbitrary web script or HTML via onError attribute vectors. Connected documents confirm the affected product (Novell...
XSS using onerror
We had a user enter a viagra ad that actual redirected to their site. I think the offending code was here: although obviously they didn't use example.com I've attached the whole page for examination...
CVE-2006-3767
The CVE-2006-3767 entry describes a Cross-site Scripting (XSS) vulnerability in Darren's osDate 1.1.7 and earlier (showprofile.php) that allows remote attackers to inject arbitrary script/HTML via the onerror attribute in an HTML IMG tag with a non-existent src, used when posting a comment (txtco...