Lucene search

[email protected]CVE-2008-2163

HistoryMay 13, 2008 - 5:20 p.m.

CVE-2008-2163

2008-05-1317:20:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2008-2163

cross-site scripting

xss

ibm lotus quickr 8.1

wysiwyg editors

security vulnerability

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.5 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

65.1%

JSON

Cross-site scripting (XSS) vulnerability in IBM Lotus Quickr 8.1 before Hotfix 5 for Windows and AIX, and before Hotfix 3 for i5/OS, allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to “WYSIWYG editors.”

Affected configurations

NVD

Node

ibmaix

ibmi5os

microsoftwindows_nt

AND

ibmlotus_quickrMatch8.1

CPENameOperatorVersion
ibm:lotus_quickribm lotus quickreq8.1

CPE	Name	Operator	Version
ibm:lotus_quickr	ibm lotus quickr	eq	8.1

References

secunia.com/advisories/30204

www-01.ibm.com/support/docview.wss?uid=swg27013341

www-1.ibm.com/support/docview.wss?uid=swg24018711

www.securityfocus.com/bid/29175

www.vupen.com/english/advisories/2008/1502/references

exchange.xforce.ibmcloud.com/vulnerabilities/42360

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.5 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

65.1%

JSON

Related for CVE-2008-2163

cvelist3 nvd3 prion3 cve2