Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in WebAccess in Novell GroupWise 2012 before Support Pack 4 and 2014 before Support Pack 2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell | Groupwise | <= 2012 |
Related Weaknesses (CWE)
References
- http://www.novell.com/support/kb/doc.php?id=7016653Vendor Advisory
- http://www.securitytracker.com/id/1032978
- https://bugzilla.novell.com/show_bug.cgi?id=909584
- https://bugzilla.novell.com/show_bug.cgi?id=909586
- https://bugzilla.novell.com/show_bug.cgi?id=909587
- https://bugzilla.novell.com/show_bug.cgi?id=909588
- https://bugzilla.novell.com/show_bug.cgi?id=909590
- https://bugzilla.novell.com/show_bug.cgi?id=930467
- http://www.novell.com/support/kb/doc.php?id=7016653Vendor Advisory
- http://www.securitytracker.com/id/1032978
- https://bugzilla.novell.com/show_bug.cgi?id=909584
- https://bugzilla.novell.com/show_bug.cgi?id=909586
- https://bugzilla.novell.com/show_bug.cgi?id=909587
- https://bugzilla.novell.com/show_bug.cgi?id=909588
- https://bugzilla.novell.com/show_bug.cgi?id=909590
FAQ
What is CVE-2014-0611?
CVE-2014-0611 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in WebAccess in Novell GroupWise 2012 before Support Pack 4 and 2014 before Support Pack 2 allow remote attackers to inject arbitrary web script or ...
How severe is CVE-2014-0611?
CVE-2014-0611 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-0611?
Check the references section above for vendor advisories and patch information. Affected products include: Novell Groupwise.