Reflected XSS vulnerability in Filr

  • 7017791
  • 30-Jun-2016
  • 30-Jun-2016

Environment

Novell Filr 2.0
Novell Filr 1.2

Situation

A reflected XSS vulnerability was found in Novell Filr 1.2/2.0 that may allow a remote attacker to execute javascript in the context of a valid Filr user by tricking the user into clicking on a specially crafted link.

Resolution

A fix for this issue is available in the Filr 2.0 Hot Patch 2 and Filr 1.2 Hot Patch 6, available via the Novell Patch Finder.

Special thanks to Cure 53 (https://cure53.de) for reporting this vulnerability to Micro Focus.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.