CVE Vulnerabilities

CVE-2005-2276

Published: Jul 26, 2005 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Cross-site scripting (XSS) vulnerability in Novell Groupwise WebAccess 6.5 before July 11, 2005 allows remote attackers to inject arbitrary web script or HTML via an e-mail message with an encoded javascript URI (e.g. j&#X41vascript in an IMG tag.

Affected Software

Name Vendor Start Version End Version
Groupwise_webaccess Novell 6.5 6.5
Groupwise_webaccess Novell 6.5 6.5
Groupwise_webaccess Novell 6.5 6.5
Groupwise_webaccess Novell 6.5 6.5
Groupwise_webaccess Novell 6.0 6.0
Groupwise_webaccess Novell 6.5 6.5

References