3 matches found
Novell GroupWise WebAccess Cross-Site Scripting (CVE-2014-0611)
A cross-site scripting vulnerability exists in Novell GroupWise WebAccess. The vulnerability is due to lack of input validation when handling email attachments. A remote, unauthenticated attacker can exploit this vulnerability by enticing a target user to view crafted web content. A successful...
CVE-2014-0611
Multiple cross-site scripting XSS vulnerabilities in WebAccess in Novell GroupWise 2012 before Support Pack 4 and 2014 before Support Pack 2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-0611
CVE-2014-0611 affects Novell GroupWise WebAccess: multiple XSS vulnerabilities in WebAccess components, exposed in GroupWise 2012 before SP4 and 2014 before SP2. The root cause is unspecified vectors leading to ability for remote attackers to inject arbitrary web script/HTML in a user session. Ou...