Reflected XSS vulnerability in Filr

  • 7017791
  • 30-Jun-2016
  • 30-Jun-2016


Novell Filr 2.0
Novell Filr 1.2


A reflected XSS vulnerability was found in Novell Filr 1.2/2.0 that may allow a remote attacker to execute javascript in the context of a valid Filr user by tricking the user into clicking on a specially crafted link.


A fix for this issue is available in the Filr 2.0 Hot Patch 2 and Filr 1.2 Hot Patch 6, available via the Novell Patch Finder.

Special thanks to Cure 53 ( for reporting this vulnerability to Micro Focus.