Cross Site Scripting vulnerability (CVE-2015-5968)

  • 7017078
  • 11-Dec-2015
  • 16-Dec-2015


Novell Filr 1.2


A cross site scripting (XSS) vulnerability was found in Filr 1.2 that may allow arbitrary javascript to execute in the context of a user's session if a logged-in user clicks on a specially crafted link from an attacker.


A fix for this issue is available in the Filr 1.2 Hot Patch 4, available via the Novell Patch Finder.

Additional Information

CVE Number:

Reporter Credits:
This security vulnerability was found by Dr. Erlijn van Genuchten ( of the SySS GmbH.