CVE-2006-3818

Name of the Vulnerable Software and Affected Versions Novell GroupWise WebAccess versions 6.5 before 20060721 Novell GroupWise WebAccess versions 7 before 20060727

Description A cross-site scripting (XSS) issue exists in the login page, allowing remote attackers to inject arbitrary web script or HTML via the GWAP.version parameter. This could potentially lead to unauthorized actions on the affected system.

Recommendations For Novell GroupWise WebAccess versions 6.5 before 20060721, update to a version after 20060721. For Novell GroupWise WebAccess versions 7 before 20060727, update to a version after 20060727.