CVE-2013-1086 Information

Description

Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise before 8.0.3 HP3 and 2012 before SP2 allows remote attackers to inject arbitrary web script or HTML via vectors involving an onError attribute.

Reference

http://secunia.com/advisories/53098 http://www.novell.com/support/kb/doc.php?id=7012064 https://bugzilla.novell.com/show_bug.cgi?id=802906