CVE-2014-0611
Novell GroupWise 2012 < SP4 and 2014 < SP2 - Cross-Site Scripting
Title source: llmDescription
Multiple cross-site scripting (XSS) vulnerabilities in WebAccess in Novell GroupWise 2012 before Support Pack 4 and 2014 before Support Pack 2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References (8)
Core 8
Core References
Vendor Advisory x_refsource_confirm
http://www.novell.com/support/kb/doc.php?id=7016653
Issue Tracking x_refsource_confirm
https://bugzilla.novell.com/show_bug.cgi?id=909590
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1032978
Issue Tracking x_refsource_confirm
https://bugzilla.novell.com/show_bug.cgi?id=909587
Issue Tracking x_refsource_confirm
https://bugzilla.novell.com/show_bug.cgi?id=909588
Issue Tracking x_refsource_confirm
https://bugzilla.novell.com/show_bug.cgi?id=909584
Issue Tracking x_refsource_confirm
https://bugzilla.novell.com/show_bug.cgi?id=909586
Issue Tracking x_refsource_confirm
https://bugzilla.novell.com/show_bug.cgi?id=930467
Scores
EPSS
0.0242
EPSS Percentile
85.3%
Details
CWE
CWE-79
Status
published
Products (2)
novell/groupwise
< 2012
novell/groupwise
< 2014
Published
Jul 22, 2015
Tracked Since
Feb 18, 2026