Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the webacc servlet in Novell GroupWise 6.5 WebAccess allows remote attackers to inject arbitrary web script or HTML via the User.Id parameter, as demonstrated by a URL within a url field in a STYLE element, possibly due to an incomplete fix for CVE-2004-2103.2.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Novell GroupWise WebAccess 跨站脚本攻击漏洞
Vulnerability Description
Novell GroupWise 6.5 WebAccess的webacc servlet中存在跨站脚本攻击漏洞。远程攻击者可以借助User.Id如数,如STYLE元素的一个url中的一个URL,注入任意web脚本或HTML。该漏洞可能由于CVE-2004-2103.2的不完整修复而产生。
CVSS Information
N/A
Vulnerability Type
N/A