Environment
Novell Filr 1.2
Situation
A cross site scripting (XSS) vulnerability was found in Filr 1.2 that may allow arbitrary javascript to execute in the context of a user's session if a logged-in user clicks on a specially crafted link from an attacker.
Resolution
A fix for this issue is available in the Filr 1.2 Hot Patch 4, available via the Novell Patch Finder.
Additional Information
CVE Number:
CVE-2015-5968
Reporter Credits:
This security vulnerability was found by Dr. Erlijn van Genuchten (erlijn.vangenuchten@syss.de) of the SySS GmbH.
CVE-2015-5968
Reporter Credits:
This security vulnerability was found by Dr. Erlijn van Genuchten (erlijn.vangenuchten@syss.de) of the SySS GmbH.