Cross Site Scripting vulnerability (CVE-2015-5968)

  • 7017078
  • 11-Dec-2015
  • 16-Dec-2015

Environment

Novell Filr 1.2

Situation

A cross site scripting (XSS) vulnerability was found in Filr 1.2 that may allow arbitrary javascript to execute in the context of a user's session if a logged-in user clicks on a specially crafted link from an attacker.

Resolution

A fix for this issue is available in the Filr 1.2 Hot Patch 4, available via the Novell Patch Finder.

Additional Information

CVE Number:
CVE-2015-5968

Reporter Credits:
This security vulnerability was found by Dr. Erlijn van Genuchten (erlijn.vangenuchten@syss.de) of the SySS GmbH.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.