4.3

CVE-2006-3818

Cross-site scripting (XSS) vulnerability in the login page in Novell GroupWise WebAccess 6.5 before 20060721 and WebAccess 7 before 20060727 allows remote attackers to inject arbitrary web script or HTML via the GWAP.version parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.86% 0.767
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/21411
Third Party Advisory
http://securitytracker.com/id?1016648
Third Party Advisory
VDB Entry
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974176.htm
Vendor Advisory
http://www.securityfocus.com/bid/19297
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2006/3098
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/28210
Third Party Advisory
VDB Entry
https://secure-support.novell.com/KanisaPlatform/Publishing/228/3574517_f.SAL_Public.html
Vendor Advisory
Permissions Required