CVE-2012-4912 | SynScan

Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2012-4912

Cross-site scripting (XSS) vulnerability in the WebAccess component in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to inject arbitrary web script or HTML via a crafted signature in an HTML e-mail message.

Published: Sep 28, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-4912
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
novell / groupwise	8.00-hp3	8.00-hp3.x
novell / groupwise	8.02-hp2	8.02-hp2.x
novell / groupwise	8.02-hp3	8.02-hp3.x
novell / groupwise	8.02	8.02.x
novell / groupwise	2012	2012.x
novell / groupwise	8.0	8.0.x
novell / groupwise	8.02-hp1	8.02-hp1.x
novell / groupwise	8.00-hp1	8.00-hp1.x
novell / groupwise	8.01-hp	8.01-hp.x
novell / groupwise	8.00-hp2	8.00-hp2.x
novell / groupwise	8.01	8.01.x