Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the WebAccess component in Novell GroupWise 7.0 before 7.03 HP4 and 8.0 before 8.0 SP1 allows remote attackers to inject arbitrary web script or HTML via the User.Theme.index parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Novell GroupWise WebAccess User.Theme.index参数跨站脚本漏洞
Vulnerability Description
Novell GroupWise是美国Novell公司的一套协作通讯系统。该系统提供了电子邮件、日程安排、即时通讯、任务管理、文档管理以及联系人管理等协作通讯服务。 GroupWise的WebAccess界面没有正确地过滤用户所提交的User.Theme.index参数便返回给了用户,远程攻击者可以通过向服务器提交恶意请求执行跨站脚本攻击,导致在用户浏览器会话中执行任意HTML和脚本代码。
CVSS Information
N/A
Vulnerability Type
N/A