CVE-2013-1086
Severity
4.3MEDIUM
EPSS
0.7%
top 28.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 19
Latest updateMay 17
Description
Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise before 8.0.3 HP3, and 2012 before SP2, allows remote attackers to inject arbitrary web script or HTML via vectors involving an onError attribute.
CVSS vector
AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9