CyberSec.Space Logo
Back to CVE Browser

CVE-2010-4322

LOW
3.5
CVSS Severity Score
EPSS Score0.1180%
EPSS Percentile13.63th
PublishedJan 7, 2011
Last ModifiedApr 29, 2026

Vulnerability Description

Cross-site scripting (XSS) vulnerability in gwtTeaming.rpc in Novell Vibe OnPrem 3 BETA allows remote authenticated users to inject arbitrary web script or HTML via the Micro Blog (aka What Are You Working On?) field.

Affected Platforms (CPE)

πŸ“¦
Novell

Vibe Onprem

= 3

References & Advisories

πŸ”— http://www.securityfocus.com/archive/1/515147/100/0/threaded
πŸ”— http://www.solutionary.com/index/SERT/Vuln-Disclosures/Novell-Vibe-Beta-3-XSS-vulnerability.html
πŸ”— http://www.securityfocus.com/archive/1/515147/100/0/threaded
πŸ”— http://www.solutionary.com/index/SERT/Vuln-Disclosures/Novell-Vibe-Beta-3-XSS-vulnerability.html

Related Vulnerabilities

CVE-2011-046410.0

Unspecified vulnerability in Novell Vibe OnPrem 3.0 before Hot Patch 1 allows remote attackers to execute arbitrary code via unkno...

CVE-2010-355210.0

Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business 6 Update 21 allows remote atta...

CVE-2010-355310.0

Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and...

CVE-2010-355410.0

Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and...