PT-2013-2863 · Novell · Novell Groupwise
Publicado
2013-04-19
·
Atualizado
2017-09-02
·
CVE-2013-1086
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Novell GroupWise versions prior to 8.0.3 HP3
Novell GroupWise 2012 versions prior to SP2
Description
A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via vectors involving an
onError attribute.Recommendations
For Novell GroupWise versions prior to 8.0.3 HP3, update to version 8.0.3 HP3 or later.
For Novell GroupWise 2012 versions prior to SP2, update to SP2 or later.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Novell Groupwise