Lucene search

PRIOn knowledge basePRION:CVE-2014-0913

HistoryMay 09, 2014 - 1:55 a.m.

Cross site scripting

2014-05-0901:55:00

PRIOn knowledge base

www.prio-n.com

6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

54.2%

JSON

Cross-site scripting (XSS) vulnerability in IBM iNotes and Domino 8.5.3 FP6 before IF2 and 9.0.1 before FP1 allows remote attackers to inject arbitrary web script or HTML via an e-mail message, aka SPR BFEY9GXHZE.

CPENameOperatorVersion
lotus_dominoeq8.5.3.6
lotus_dominoeq9.0.1.0
lotus_inoteseq9.0.1.0
lotus_inoteseq8.5.3.6

Name	Operator	Version
lotus_domino	eq	8.5.3.6
lotus_domino	eq	9.0.1.0
lotus_inotes	eq	9.0.1.0
lotus_inotes	eq	8.5.3.6

References

www-01.ibm.com/support/docview.wss?uid=swg21671981

www.securitytracker.com/id/1030215

exchange.xforce.ibmcloud.com/vulnerabilities/91880

6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

54.2%

JSON

Related for PRION:CVE-2014-0913