{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2013-1086","title":"Title"},{"category":"description","text":"Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise before 8.0.3 HP3, and 2012 before SP2, allows remote attackers to inject arbitrary web script or HTML via vectors involving an onError attribute.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2013-1086","url":"https://www.suse.com/security/cve/CVE-2013-1086"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 802906 for CVE-2013-1086","url":"https://bugzilla.suse.com/802906"},{"category":"external","summary":"Advisory link for TID7012064","url":"https://www.suse.com/support/kb/doc/?id=7012064"}],"title":"SUSE CVE CVE-2013-1086","tracking":{"current_release_date":"2025-04-11T09:54:51Z","generator":{"date":"2025-04-11T09:54:51Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2013-1086","initial_release_date":"2025-04-11T09:54:51Z","revision_history":[{"date":"2025-04-11T09:54:51Z","number":"2","summary":"Current version"}],"status":"interim","version":"2"}}}