Cross-site scripting (XSS) vulnerability in the client in Novell GroupWise through 8.0.3 HP3, and 2012 through SP2, on Windows allows user-assisted remote attackers to inject arbitrary web script or HTML via the body of an e-mail message.
Conclusion & alert: CVE-2013-1087 is rated Moderate Risk (42.9/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 1.51%). Mandatory action: Review affected assets and schedule remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.64% | 1.51% | +0.87% |
| 2 | 2026-01-16 | 1.91% | 0.64% | -1.28% |
| 3 | 2026-01-01 | — | 1.91% | — |
Full EPSS history (32 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 4.3 | 2.0 | MEDIUM |
|
8.6 | 2.9 | [email protected] |
: Per: http://www.novell.com/support/kb/doc.php?id=7012063 'Previous versions (GroupWise, 6.5, 7.x) of the GroupWise Client for Windows are likely also vulnerable but are no longer supported. Customers on earlier versions of GroupWise should, at a minimum, upgrade their GroupWise Windows clients to version 8.0.3 Hot Patch 3 or 2012 SP2 in order to secure their systems.'
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| novell | groupwise | <= 8.03 | cpe:2.3:a:novell:groupwise:*:hp3:*:*:*:*:*:* |
| novell | groupwise | 6.5 | cpe:2.3:a:novell:groupwise:6.5:*:*:*:*:*:*:* |
| novell | groupwise | 6.5 | cpe:2.3:a:novell:groupwise:6.5:sp1:*:*:*:*:*:* |
| novell | groupwise | 6.5 | cpe:2.3:a:novell:groupwise:6.5:sp2:*:*:*:*:*:* |
| novell | groupwise | 6.5 | cpe:2.3:a:novell:groupwise:6.5:sp3:*:*:*:*:*:* |
| novell | groupwise | 6.5 | cpe:2.3:a:novell:groupwise:6.5:sp4:*:*:*:*:*:* |
| novell | groupwise | 6.5 | cpe:2.3:a:novell:groupwise:6.5:sp5:*:*:*:*:*:* |
| novell | groupwise | 6.5 | cpe:2.3:a:novell:groupwise:6.5:sp6:*:*:*:*:*:* |
| novell | groupwise | 6.5.2 | cpe:2.3:a:novell:groupwise:6.5.2:*:*:*:*:*:*:* |
| novell | groupwise | 6.5.3 | cpe:2.3:a:novell:groupwise:6.5.3:*:*:*:*:*:*:* |
| novell | groupwise | 6.5.4 | cpe:2.3:a:novell:groupwise:6.5.4:*:*:*:*:*:*:* |
| novell | groupwise | 6.5.6 | cpe:2.3:a:novell:groupwise:6.5.6:*:*:*:*:*:*:* |
| novell | groupwise | 6.5.7 | cpe:2.3:a:novell:groupwise:6.5.7:*:*:*:*:*:*:* |
| novell | groupwise | 7.0 | cpe:2.3:a:novell:groupwise:7.0:*:*:*:*:*:*:* |
| novell | groupwise | 7.0.3 | cpe:2.3:a:novell:groupwise:7.0.3:hp4:*:*:*:*:*:* |
| novell | groupwise | 7.0.3 | cpe:2.3:a:novell:groupwise:7.0.3:hp5:*:*:*:*:*:* |
| novell | groupwise | 7.0.4 | cpe:2.3:a:novell:groupwise:7.0.4:*:*:*:*:*:*:* |
| novell | groupwise | 7.0.4 | cpe:2.3:a:novell:groupwise:7.0.4:ftf:*:*:*:*:*:* |
| novell | groupwise | 7.01 | cpe:2.3:a:novell:groupwise:7.01:*:*:*:*:*:*:* |
| novell | groupwise | 7.01 | cpe:2.3:a:novell:groupwise:7.01:ir1:*:*:*:*:*:* |
| novell | groupwise | 7.02 | cpe:2.3:a:novell:groupwise:7.02:*:*:*:*:*:*:* |
| novell | groupwise | 7.02 | cpe:2.3:a:novell:groupwise:7.02:hp1:*:*:*:*:*:* |
| novell | groupwise | 7.02 | cpe:2.3:a:novell:groupwise:7.02:hp1a:*:*:*:*:*:* |
| novell | groupwise | 7.02 | cpe:2.3:a:novell:groupwise:7.02:hp2:*:*:*:*:*:* |
| novell | groupwise | 7.02 | cpe:2.3:a:novell:groupwise:7.02:hp2r1:*:*:*:*:*:* |
| novell | groupwise | 7.03 | cpe:2.3:a:novell:groupwise:7.03:*:*:*:*:*:*:* |
| novell | groupwise | 7.03 | cpe:2.3:a:novell:groupwise:7.03:hp:*:*:*:*:*:* |
| novell | groupwise | 7.03 | cpe:2.3:a:novell:groupwise:7.03:hp2:*:*:*:*:*:* |
| novell | groupwise | 7.03 | cpe:2.3:a:novell:groupwise:7.03:hp3:*:*:*:*:*:* |
| novell | groupwise | 7.03 | cpe:2.3:a:novell:groupwise:7.03:hp3\+ftf:*:*:*:*:*:* |
| novell | groupwise | 8.0 | cpe:2.3:a:novell:groupwise:8.0:*:*:*:*:*:*:* |
| novell | groupwise | 8.00 | cpe:2.3:a:novell:groupwise:8.00:hp1:*:*:*:*:*:* |
| novell | groupwise | 8.00 | cpe:2.3:a:novell:groupwise:8.00:hp2:*:*:*:*:*:* |
| novell | groupwise | 8.00 | cpe:2.3:a:novell:groupwise:8.00:hp3:*:*:*:*:*:* |
| novell | groupwise | 8.01 | cpe:2.3:a:novell:groupwise:8.01:*:*:*:*:*:*:* |
| novell | groupwise | 8.01 | cpe:2.3:a:novell:groupwise:8.01:hp:*:*:*:*:*:* |
| novell | groupwise | 8.02 | cpe:2.3:a:novell:groupwise:8.02:*:*:*:*:*:*:* |
| novell | groupwise | 8.02 | cpe:2.3:a:novell:groupwise:8.02:hp1:*:*:*:*:*:* |
| novell | groupwise | 8.02 | cpe:2.3:a:novell:groupwise:8.02:hp2:*:*:*:*:*:* |
| novell | groupwise | 8.02 | cpe:2.3:a:novell:groupwise:8.02:hp3:*:*:*:*:*:* |
| novell | groupwise | 8.03 | cpe:2.3:a:novell:groupwise:8.03:*:*:*:*:*:*:* |
| novell | groupwise | 8.03 | cpe:2.3:a:novell:groupwise:8.03:hp1:*:*:*:*:*:* |
| novell | groupwise | 8.03 | cpe:2.3:a:novell:groupwise:8.03:hp2:*:*:*:*:*:* |
| novell | groupwise | 2012 | cpe:2.3:a:novell:groupwise:2012:*:*:*:*:*:*:* |
| novell | groupwise | 2012 | cpe:2.3:a:novell:groupwise:2012:sp1:*:*:*:*:*:* |
| novell | groupwise | 2012 | cpe:2.3:a:novell:groupwise:2012:sp1_hp1:*:*:*:*:*:* |
| novell | groupwise | 2012 | cpe:2.3:a:novell:groupwise:2012:sp2:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| http://www.novell.com/support/kb/doc.php?id=7012063 | Vendor Advisory |
| https://bugzilla.novell.com/show_bug.cgi?id=799673 |