This script is Copyright (C) 2009-2012 Tenable Network Security, Inc.
The web application running on the remote host has a
cross-site scripting vulnerability.
The remote host is running Novell GroupWise WebAccess, which is
vulnerable to a cross-site scripting issue in the 'User.lang' field
of the login page.
There are other issues known to be associated with this version of
GroupWise WebAccess that Nessus has not tested for. Refer to the
Secunia advisory for details.
See also :
Upgrade to version 7.03 HP3 / 8.0 HP2 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true
Family: CGI abuses : XSS
Nessus Plugin ID: 38927 (groupwise_webaccess_userlang_xss.nasl)
Bugtraq ID: 35061
CVE ID: CVE-2009-1635
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.