Lucene search

CVE-2012-5307

🗓️ 08 Oct 2012 10:45:47Reported by mitreType

cve🔗 web.nvd.nist.gov👁 38 Views🌐 WEB

XSS vulnerability in IBM Lotus Notes Traveler allows remote attackers to inject web script or HTML via redirectURL parameter

Reporter	Title	Published	Views	Family All 12
Cvelist	CVE-2012-5307	8 Oct 201210:00	–	cvelist
Cvelist	CVE-2012-4824	8 Oct 201210:00	–	cvelist
Cvelist	CVE-2012-4825	8 Oct 201210:00	–	cvelist
NVD	CVE-2012-5307	8 Oct 201210:47	–	nvd
NVD	CVE-2012-4824	8 Oct 201210:47	–	nvd
NVD	CVE-2012-4825	8 Oct 201210:47	–	nvd
Prion	Cross site scripting	8 Oct 201210:47	–	prion
Prion	Cross site scripting	8 Oct 201210:47	–	prion
Prion	Open redirect	8 Oct 201210:47	–	prion
securityvulns	IBM Lotus Notes Traveler security vulnerabilities	22 Oct 201200:00	–	securityvulns

Nvd

Node

ibm lotus_notes_travelerRange≤8.5.3.3

ibm lotus_notes_travelerMatch8.5.0.0

ibm lotus_notes_travelerMatch8.5.0.1

ibm lotus_notes_travelerMatch8.5.0.2

ibm lotus_notes_travelerMatch8.5.1.1

ibm lotus_notes_travelerMatch8.5.1.2

ibm lotus_notes_travelerMatch8.5.1.3

ibm lotus_notes_travelerMatch8.5.2.1

ibm lotus_notes_travelerMatch8.5.3

ibm lotus_notes_travelerMatch8.5.3.1

ibm lotus_notes_travelerMatch8.5.3.2

Source	Link
archives	www.archives.neohapsis.com/archives/fulldisclosure/2012-10/0001.html

Parameter	Position	Path	Description	CWE
redirectURL	query param	/traveler	Cross-site scripting (XSS) vulnerability allowing injection of arbitrary web script or HTML via the redirectURL parameter.	CWE-79

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

08 Oct 2012 10:47Current

5.5Medium risk

Vulners AI Score5.5

CVSS22.6

EPSS0.00411

CWE-79