Reflected XSS vulnerability in Filr

A reflected XSS vulnerability was found in Novell Filr 1.2/2.0 that may allow a remote attacker to execute javascript in the context of a valid Filr user by tricking the user into clicking on a specially crafted link.

A fix for this issue is available in the Filr 2.0 Hot Patch 2 and Filr 1.2 Hot Patch 6, available via the Novell Patch Finder.

Special thanks to Cure 53 (https://cure53.de) for reporting this vulnerability to Micro Focus.