CVE-2006-4220
Novell GroupWise WebAccess vulnerable to multiple XSS flaws in version before 7 Support Pack 3 Public Beta. Exploitation vectors involve crafted inputs in parameters (User.html, Error, User.Theme.index, User.lang) that allow remote attackers to inject arbitrary script/HTML. Root cause is cross-si...