Micro.Focus.GroupWise.Admin.Console.install.login.jsp.XSS

description-logoDescription

This indicates an attack attempt against a Cross Site Scripting vulnerability in Micro Focus GroupWise.
The vulnerability is caused by insufficient validation of user input to the target system. A remote attacker can exploit this vulnerability by sending a crafted HTTP request to a targeted server and execute arbitrary code in the security context of the target user's browser.

affected-products-logoAffected Products

Micro Focus GroupWise 2014
Micro Focus GroupWise 2014 R2 SP1 and prior

Impact logoImpact

System Compromise: Remote attackers can execute arbitrary script code within the context of the target user's browser.

recomended-action-logoRecommended Actions

Upgrade to the latest version.
https://www.novell.com/support/kb/doc.php?id=7017973

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-06-10 14.629 Severity:high:medium