CVE-2011-2661 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in WebAccess in Novell GroupWise 8.0 before HP3 allow remote attackers to inject arbitrary web script or HTML via the (1) Directory.Item.name or (2) Directory.Item.displayName parameter.

Reference

http://www.novell.com/support/viewContent.do?externalId=7009214 https://bugzilla.novell.com/show_bug.cgi?id=702786