CVE-2013-1087

Novell GroupWise <8.0.3 HP3, 2012 SP2 - XSS

Title source: llm
STIX 2.1

Description

Cross-site scripting (XSS) vulnerability in the client in Novell GroupWise through 8.0.3 HP3, and 2012 through SP2, on Windows allows user-assisted remote attackers to inject arbitrary web script or HTML via the body of an e-mail message.

References (2)

Core 2
Core References
Issue Tracking x_refsource_confirm
https://bugzilla.novell.com/show_bug.cgi?id=799673
Vendor Advisory x_refsource_confirm
http://www.novell.com/support/kb/doc.php?id=7012063

Scores

EPSS 0.0060
EPSS Percentile 69.8%

Details

CWE
CWE-79
Status published
Products (19)
novell/groupwise 6.5 (7 CPE variants)
novell/groupwise 6.5.2
novell/groupwise 6.5.3
novell/groupwise 6.5.4
novell/groupwise 6.5.6
novell/groupwise 6.5.7
novell/groupwise 7.0
novell/groupwise 7.0.3 hp4 (2 CPE variants)
novell/groupwise 7.0.4 (2 CPE variants)
novell/groupwise 7.01 (2 CPE variants)
... and 9 more
Published Jul 15, 2013
Tracked Since Feb 18, 2026