Arbitrary Script Injection in Novell Vibe OnPrem 3 BETA

Arbitrary Script Injection in Novell Vibe OnPrem 3 BETA

CVE-2010-4322 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in gwtTeaming.rpc in Novell Vibe OnPrem 3 BETA allows remote authenticated users to inject arbitrary web script or HTML via the Micro Blog (aka What Are You Working On?) field.

Learn more about our Web App Pen Testing.