CVE-2008-0925 Information

Description

Cross-site scripting (XSS) vulnerability in the iMonitor interface in Novell eDirectory 8.7.3.x before 8.7.3 sp10 and 8.8.x before 8.8.2 ftf2 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters that are used within \error messages of the HTTP stack.\

Reference

http://secunia.com/advisories/30748 http://securitytracker.com/id?1020321 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html http://www.novell.com/support/viewContent.do?externalId=3460217&sliceId=1 http://www.securityfocus.com/bid/29782 http://www.vupen.com/english/advisories/2008/1863/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43151