CVE-2005-2276

Novell Groupwise WebAccess 6.5 - Cross-Site Scripting via Encoded JavaScript URI in Email

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-2276. PoCs published by Francisco Amato.

AI-analyzed exploit summary This exploit demonstrates an HTML injection vulnerability in Novell GroupWise WebAccess, allowing arbitrary script execution via a crafted IMG tag. The PoC uses a JavaScript URI to trigger an alert with the document cookie, proving the vulnerability.

Description

Cross-site scripting (XSS) vulnerability in Novell Groupwise WebAccess 6.5 before July 11, 2005 allows remote attackers to inject arbitrary web script or HTML via an e-mail message with an encoded javascript URI (e.g. "j&#X41vascript" in an IMG tag.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Francisco Amato · textwebappsjava

https://www.exploit-db.com/exploits/26001

View Code ZIP pw:eip

This exploit demonstrates an HTML injection vulnerability in Novell GroupWise WebAccess, allowing arbitrary script execution via a crafted IMG tag. The PoC uses a JavaScript URI to trigger an alert with the document cookie, proving the vulnerability.

Classification

Working Poc 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: Novell GroupWise WebAccess (version not specified)

No auth needed

Prerequisites: Victim must open a malicious email in GroupWise WebAccess

MITRE ATT&CK