355 matches found
CVE-2017-1332
CVE-2017-1332 affects IBM iNotes 8.5 and 9.0, where a cross-site scripting flaw in the Web UI can allow an attacker to inject arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. Public data shows CVSS scores (NVD) of 6.1 (CVSS3.0) and 4.3 (CVSS2.0); explo...
IBM iNotes SVG Keylogger Information Disclosure Vulnerability (Jun 2017)
IBM iNotes is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ibm:lotusdomino";...
IBM iNotes Information Disclosure Vulnerability
IBM iNotes also known as IBM Lotus iNotes is a set of Web-based e-mail software from IBM in the United States. The software helps different types of users online and offline users to effectively manage business-critical information and collaboration. A security vulnerability exists in IBM iNotes...
Information disclosure
IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a malformed email to a victim, that when opened could cause an information disclosure. IBM X-Force ID: 123854...
CVE-2017-1214
IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a malformed email to a victim, that when opened could cause an information disclosure. IBM X-Force ID: 123854...
CVE-2017-1214
IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a malformed email to a victim, that when opened could cause an information disclosure. IBM X-Force ID: 123854...
CVE-2017-1214
IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a malformed email to a victim, that when opened could cause an information disclosure. IBM X-Force ID: 123854...
CVE-2017-1214
CVE-2017-1214 affects IBM iNotes 8.5 and 9.0 and is described in multiple sources as a remote information-disclosure vulnerability. The available documents indicate that a attacker could send a malformed e‑mail to a victim, and opening it could disclose information. Some sources (OpenVAS) referen...
IBM iNotes Cross-Site Scripting Vulnerability (May 2017)
IBM iNotes is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ibm:lotusdomino";...
CVE-2017-1325
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125976...
Cross site scripting
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125976...
CVE-2017-1325
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125976...
CVE-2017-1325
The provided documents describe CVE-2017-1325 as a cross-site scripting vulnerability in IBM iNotes 8.5 and 9.0. The issue permits embedding arbitrary JavaScript in the Web UI, potentially altering functionality and leading to credentials disclosure within a trusted session. The NVD entry offers ...
CVE-2017-1325
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125976...
IBM iNotes Cross-Site Scripting Vulnerability (CNVD-2017-08507)
IBM iNotes also known as IBM Lotus iNotes is a set of Web-based e-mail software from IBM in the United States. The software helps different types of users online and offline users to effectively manage business-critical information and collaboration. A cross-site scripting vulnerability exists in...
IBM iNotes Cross-Site Scripting Vulnerability (CNVD-2017-05332)
IBM iNotes is a Web-based e-mail client for IBM Notes that provides browser access to IBM Notes e-mail, calendar, and contacts. A cross-site scripting vulnerability exists in IBM iNotes, which allows an attacker to embed arbitrary JavaScript code into the Web UI that could change the intended use...
CVE-2016-9990
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference : 1998824...
Cross site scripting
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference : 1998824...
CVE-2016-9990
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference : 1998824...
CVE-2016-9990
IBM iNotes 8.5 and 9.0 are vulnerable to cross-site scripting via the Web UI, allowing an attacker to embed arbitrary JavaScript and potentially disclose credentials within a trusted session. Affected product: IBM iNotes Web UI. Root cause: reflected/stored XSS in the Web UI (exact mechanism not ...