Vulnerabilities in Novell's GroupWise WebAccess could enable hackers to steal user details by simply tricking them into viewing an email. The cross-site request forgery bug found by ProCheckUp can lead to having a copy of any email sent to a user forwarded to the attacker's inbox. Novell has released updates for GroupWise 7 and 8 to correct the problem. -- CAM