Upstream information

CVE-2016-1609 at MITRE


Multiple cross-site scripting (XSS) vulnerabilities in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allow remote authenticated users to inject arbitrary web script or HTML via crafted input, as demonstrated by a crafted attribute of an IMG element in the phone field of a user profile.

SUSE information

Overall state of this security issue: Does not affect SUSE products

SUSE Bugzilla entry: 981241 [VERIFIED / FIXED]

SUSE Security Advisories:

  • TID7017787, published Sa 3. Mär 12:03:11 CET 2018

SUSE Timeline for this CVE

CVE page created: Wed Jun 29 17:51:08 2016
CVE page last modified: Mon Aug 7 14:26:28 2023