Lucene search
HistoryApr 11, 2007 - 1:19 a.m.
CVE-2007-1941
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
5.3
Confidence
High
EPSS
0.085
Percentile
94.6%
Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in Domino Web Access (DWA) in IBM Lotus Notes before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via a multipart/related e-mail message, a different issue than CVE-2006-4843.
Affected configurations
Node
ibmlotus_notesMatch6.5.5
ORibmlotus_notesMatch7.0
ORibmlotus_notesMatch7.0.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | lotus_notes | 6.5.5 | cpe:2.3:a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:* |
| ibm | lotus_notes | 7.0 | cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:* |
| ibm | lotus_notes | 7.0.1 | cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2007-1941
2007-04-11 01:00:00
CVE-2006-4843
2007-03-29 21:00:00
cve
cve
prion
prion
Cross site scripting
2007-04-11 01:19:00
Design/Logic Flaw
2007-03-28 22:19:00
nvd
nvd
CVE-2006-4843
2007-03-29 21:19:00
CVE-2007-1740
2007-03-28 22:19:00
securityvulns
securityvulns
[Full-disclosure] iDefense Security Advisory 03.28.07: IBM Lotus Domino Web Access Cross Site Scripting Vulnerability
2007-03-28 00:00:00
Invalid Lotus Domino Web access sesssion cookie handling
2006-09-12 00:00:00
Lotus Domino multiple security vulnerabilities
2007-03-28 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
5.3
Confidence
High
EPSS
0.085
Percentile
94.6%
Related for NVD:CVE-2007-1941