Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in swamp/action/LoginActions (aka the login box) in the Novell OpenSUSE SWAMP Workflow Administration and Management Platform 1.x allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: some of these details are obtained from third party information.
References 6 Total
- secunia.com: 27390 third-party-advisory
- osvdb.org: 38203 vdb-entry
- http://swamp.svn.sourceforge.net/viewvc/swamp/trunk/swamp/webapps/webswamp/src/java/de/suse/swamp/modules/actions/LoginActions.java?r1=666&r2=700
- exchange.xforce.ibmcloud.com: novell-swamp-login-xss(37399) vdb-entry
- securityfocus.com: 26198 vdb-entry
- securityfocus.com: 20071024 Novell OpenSUSE SWAMP multiple XSS mailing-list
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 6 Total
- secunia.com: 27390 third-party-advisoryx_transferred
- osvdb.org: 38203 vdb-entryx_transferred
- http://swamp.svn.sourceforge.net/viewvc/swamp/trunk/swamp/webapps/webswamp/src/java/de/suse/swamp/modules/actions/LoginActions.java?r1=666&r2=700 x_transferred
- exchange.xforce.ibmcloud.com: novell-swamp-login-xss(37399) vdb-entryx_transferred
- securityfocus.com: 26198 vdb-entryx_transferred
- securityfocus.com: 20071024 Novell OpenSUSE SWAMP multiple XSS mailing-listx_transferred