Security Advisory

CVE-2007-4557

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2007-08-28 01:00:00

Last updated 2024-09-16 19:04:16

Assigner mitre

State PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in the webacc servlet in Novell GroupWise 6.5 WebAccess allows remote attackers to inject arbitrary web script or HTML via the User.Id parameter, as demonstrated by a URL within a url field in a STYLE element, possibly due to an incomplete fix for CVE-2004-2103.2.

← Browse all CVEs View on cve.org ↗