CVE-2010-4322
Novell Vibe OnPrem 3 BETA - Authenticated Stored Cross-Site Scripting via Micro Blog Field
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in gwtTeaming.rpc in Novell Vibe OnPrem 3 BETA allows remote authenticated users to inject arbitrary web script or HTML via the Micro Blog (aka What Are You Working On?) field.
References (2)
Core 2
Core References
Various Sources x_refsource_misc
http://www.solutionary.com/index/SERT/Vuln-Disclosures/Novell-Vibe-Beta-3-XSS-vulnerability.html
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/515147/100/0/threaded
Scores
EPSS
0.0008
EPSS Percentile
22.5%
Details
CWE
CWE-79
Status
published
Products (1)
novell/vibe_onprem
3 beta
Published
Jan 07, 2011
Tracked Since
Feb 18, 2026