CVE-2013-1086 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2013-1086 Interim 1 1 2025-04-11T23:39:22Z current 2025-04-11T23:39:22Z 2025-04-11T23:39:22Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2013-1086 Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise before 8.0.3 HP3, and 2012 before SP2, allows remote attackers to inject arbitrary web script or HTML via vectors involving an onError attribute. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/kb/doc/?id=7012064 E-Mail link for TID7012064 https://www.suse.com/support/security/rating/ SUSE Security Ratings Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise before 8.0.3 HP3, and 2012 before SP2, allows remote attackers to inject arbitrary web script or HTML via vectors involving an onError attribute. CVE-2013-1086 important 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N