Security Advisory

CVE-2009-0273

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2009-02-02 22:00:00

Last updated 2024-08-07 04:24:18

Assigner mitre

State PUBLISHED

Description

Multiple cross-site scripting (XSS) vulnerabilities in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 allow remote attackers to inject arbitrary web script or HTML via the (1) User.id and (2) Library.queryText parameters to gw/webacc, and other vectors involving (3) HTML e-mail and (4) HTML attachments.

← Browse all CVEs View on cve.org ↗