Upstream information
Description
Multiple cross-site scripting (XSS) vulnerabilities in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allow remote authenticated users to inject arbitrary web script or HTML via crafted input, as demonstrated by a crafted attribute of an IMG element in the phone field of a user profile.SUSE information
Overall state of this security issue: Does not affect SUSE products
SUSE Bugzilla entry: 981241 [VERIFIED / FIXED]SUSE Security Advisories:
- TID7017787, published Sa 3. Mär 12:03:11 CET 2018
SUSE Timeline for this CVE
CVE page created: Wed Jun 29 17:51:08 2016CVE page last modified: Mon Aug 7 14:26:28 2023