XSS in Novell Groupwise

CVE-2012-0272

Cross-site scripting (XSS) vulnerability in the WebAccess component in Novell GroupWise 8.0 before Support Pack 3 allows remote attackers to inject arbitrary web script or HTML via the merge parameter.

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.007 (71.8th percentile) — read the EPSS interpretation.