3 matches found
Novell GroupWise WebAccess 8.x < 8.0.3 Multiple XSS Vulnerabilities
The version of Novell GroupWise installed on the remote Windows host is earlier than 8.0.3. It is, therefore, reportedly affected by multiple cross-site scripting vulnerabilities : - The application fails to sanitize user-supplied input to the 'merge' parameter of the 'Search Document' form...
CVE-2012-0272
Cross-site scripting XSS vulnerability in the WebAccess component in Novell GroupWise 8.0 before Support Pack 3 allows remote attackers to inject arbitrary web script or HTML via the merge parameter...
CVE-2012-0272
CVE-2012-0272 concerns an XSS vulnerability in the WebAccess component of Novell GroupWise 8.0 prior to Support Pack 3, where an attacker can inject arbitrary script or HTML via the merge parameter. Multiple connected sources (SUSE SUSE CVE page, NVD/NVD entries, Nessus plugin) corroborate the af...