Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 allow remote attackers to inject arbitrary web script or HTML via the (1) User.id and (2) Library.queryText parameters to gw/webacc, and other vectors involving (3) HTML e-mail and (4) HTML attachments.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Novell GroupWise多个远程安全漏洞
Vulnerability Description
Novell GroupWise是美国Novell公司的一套协作通讯系统。该系统提供了电子邮件、日程安排、即时通讯、任务管理、文档管理以及联系人管理等协作通讯服务。 Novell GroupWise的实现上存在多个安全漏洞,可导致跨站脚本执行及过程指令执行等各种安全威胁。 /gw/webacc中的User.id t Library.queryText的参数数据没有经过充分检查过滤就返回给了用户浏览器,可能导致跨站脚本执行攻击。
CVSS Information
N/A
Vulnerability Type
N/A