Cross site scripting

2012-07-2010:40:00

PRIOn knowledge base

www.prio-n.com

5.9 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.9%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allow remote attackers to inject arbitrary web script or HTML via the query string.

CPENameOperatorVersion
lotus_protector_for_mail_securityeq2.8
lotus_protector_for_mail_securityeq2.1
lotus_protector_for_mail_securityeq2.5
lotus_protector_for_mail_securityeq2.5.1
proventia_network_mail_security_systemeq3004.0.0-ms
proventia_network_mail_security_system_firmwareeq2.5
proventia_network_mail_security_system_firmwareeq2.5.0.2
proventia_network_mail_security_system_firmwareeq2.5.1
proventia_network_mail_security_system_firmwareeq2.6
proventia_network_mail_security_system_firmwareeq2.8

Name	Operator	Version
lotus_protector_for_mail_security	eq	2.8
lotus_protector_for_mail_security	eq	2.1
lotus_protector_for_mail_security	eq	2.5
lotus_protector_for_mail_security	eq	2.5.1
proventia_network_mail_security_system	eq	3004.0.0-ms
proventia_network_mail_security_system_firmware	eq	2.5
proventia_network_mail_security_system_firmware	eq	2.5.0.2
proventia_network_mail_security_system_firmware	eq	2.5.1
proventia_network_mail_security_system_firmware	eq	2.6
proventia_network_mail_security_system_firmware	eq	2.8