Novell Forum Unspecified Tcl Command Injection Vulnerability

info
discussion
exploit
solution
references

Novell Forum Unspecified Tcl Command Injection Vulnerability

Novell Forum is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input.

Attackers can exploit this issue to execute arbitrary commands in the context of the webserver process. Successful exploits could compromise the application and possibly the underlying system.

Novell Forum 8.0 and prior versions are affected by the issue.