Cross-site scripting (XSS) vulnerability in Novell Groupwise WebAccess 6.5 before July 11, 2005 allows remote malicious users to inject arbitrary web script or HTML via an e-mail message with an encoded javascript URI (e.g. "jAvascript" in an IMG tag.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
novell groupwise webaccess 6.5 |
||
novell groupwise webaccess 6.0 |