CVE-2011-2661
Severity
4.3MEDIUM
EPSS
0.3%
top 51.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 8
Latest updateMay 17
Description
Multiple cross-site scripting (XSS) vulnerabilities in WebAccess in Novell GroupWise 8.0 before HP3 allow remote attackers to inject arbitrary web script or HTML via the (1) Directory.Item.name or (2) Directory.Item.displayName parameter.
CVSS vector
AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9