CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-4220

Multiple cross-site scripting (XSS) vulnerabilities in webacc in Novell GroupWise WebAccess before 7 Support Pack 3 Public Beta allow remote attackers to inject arbitrary web script or HTML via the (1) User.html, (2) Error, (3) User.Theme.index, and (4) and User.lang parameters.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.9%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2006-4220

Novell » Groupwise » Version: 5.57e

cpe:2.3:a:novell:groupwise:5.57e
Novell » Groupwise » Version: 6.5.7

cpe:2.3:a:novell:groupwise:6.5.7
Novell » Groupwise » Version: 7.0

cpe:2.3:a:novell:groupwise:7.0
Novell » Groupwise » Version: 7.0.0

cpe:2.3:a:novell:groupwise:7.0.0
Novell » Groupwise Webaccess » Version: N/A

cpe:2.3:a:novell:groupwise_webaccess:-
Novell » Groupwise Webaccess » Version: 5.5

cpe:2.3:a:novell:groupwise_webaccess:5.5
Novell » Groupwise Webaccess » Version: 6.5

cpe:2.3:a:novell:groupwise_webaccess:6.5
Novell » Groupwise Webaccess » Version: 7

cpe:2.3:a:novell:groupwise_webaccess:7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-4220

Products

Pricing

Contact Us