Cross-site scripting (XSS) vulnerability in Novell GroupWise WebAccess component allows remote code injection via crafted HTML e-mail signature

Cross-site scripting (XSS) vulnerability in Novell GroupWise WebAccess component allows remote code injection via crafted HTML e-mail signature

CVE-2012-4912 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in the WebAccess component in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to inject arbitrary web script or HTML via a crafted signature in an HTML e-mail message.

Learn more about our Web App Pen Testing.