2 matches found
CVE-2009-0273
CVE-2009-0273 affects Novell GroupWise WebAccess (versions 6.5x, 7.0/7.01/7.02x/7.03/7.03HP1a, and 8.0). The vulnerability stems from cross-site scripting via unsanitized input in the WebAccess component, notably the POST parameters User.id and Library.queryText to /gw/webacc, with additional vec...
PR08-22: Persistent XSS on Novell GroupWise WebAccess
PR08-22: Persistent XSS on Novell GroupWise WebAccess Vulnerability found: 2nd October 2008 Vendor contacted: 3rd October 2008 Advisory publicly released: 30th January 2009 Severity: High Credits: Jan Fry of ProCheckUp Ltd www.procheckup.com. ProCheckUp thanks Novell for working with us in such a...