VULHUB ™

It has been reported that Novell Groupwise may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a user's browser. The issue reportedly exists in the 'servlet/webacc' module. Successful exploitation of this attack may allow an attacker to steal cookie-based authentication credentials. Other attacks are also possible. Novell Groupwise version 6.5 has been reported to be prone to this issue, however, other versions may be affected as well.

It has been reported that Novell Groupwise may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a user's browser. The issue reportedly exists in the 'servlet/webacc' module. Successful exploitation of this attack may allow an attacker to steal cookie-based authentication credentials. Other attacks are also possible. Novell Groupwise version 6.5 has been reported to be prone to this issue, however, other versions may be affected as well.