CVE-2006-3818

3 documents3 sources

Severity

4.3MEDIUM

EPSS

2.0%

top 16.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Novell Groupwise Webaccess

Timeline

PublishedAug 11

Latest updateMay 1

Description

Cross-site scripting (XSS) vulnerability in the login page in Novell GroupWise WebAccess 6.5 before 20060721 and WebAccess 7 before 20060727 allows remote attackers to inject arbitrary web script or HTML via the GWAP.version parameter.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

▶NVDnovell/groupwise_webaccess6.5, 7+1

🔴Vulnerability Details

GHSA

GHSA-f2rq-3qfg-6qfw: Cross-site scripting (XSS) vulnerability in the login page in Novell GroupWise WebAccess 6↗2022-05-01

▶

CVEList

CVE-2006-3818: Cross-site scripting (XSS) vulnerability in the login page in Novell GroupWise WebAccess 6↗2006-08-11

▶