CVE-2008-3501
Novell Groupwise 7.0.x - Cross-Site Scripting in WebAccess Simple Interface
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in the WebAccess simple interface in Novell Groupwise 7.0.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References (7)
Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/43326
Patch x_refsource_confirm
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028200.html
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/30839
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/29922
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1020359
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/1929/references
Patch x_refsource_confirm
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028303.html
Scores
EPSS
0.0101
EPSS Percentile
77.4%
Details
CWE
CWE-79
Status
published
Products (3)
novell/groupwise
7.0 (4 CPE variants)
novell/groupwise
7.0.2
novell/groupwise
7.0.3
Published
Aug 06, 2008
Tracked Since
Feb 18, 2026