Novell » Edirectory : Security Vulnerabilities, CVEs, Published In 2008 (XSS)
Cross-site scripting (XSS) vulnerability in the HTTP Protocol Stack (HTTPSTK) in Novell eDirectory before 8.8 SP3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Max CVSS
4.3
EPSS Score
0.21%
Published
2008-11-14
Updated
2017-08-08
Cross-site scripting (XSS) vulnerability in the iMonitor interface in Novell eDirectory 8.7.3.x before 8.7.3 sp10, and 8.8.x before 8.8.2 ftf2, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters that are used within "error messages of the HTTP stack."
Max CVSS
4.3
EPSS Score
0.16%
Published
2008-06-18
Updated
2017-08-08
2 vulnerabilities found