CSRF in Ibm Lotus_domino

CVE-2010-0921

Cross-site request forgery (CSRF) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to hijack the authentication of unspecified victims via vectors related to lack…

Vulnerability class: CSRF (Cross-Site Request Forgery)

EPSS: 0.001 (33.0th percentile) — read the EPSS interpretation.

Affected products

Ibm Lotus_domino — versions 8.0.2.4
Ibm Lotus_inotes — versions 229.211, 229.231, 229.061
N/a — versions n/a

Weakness classification (CWE)

CWE-352 — Cross-Site Request Forgery (CSRF)

References

cve@mitre.org (x_refsource_CONFIRM)
38459 (vdb-entry, x_refsource_BID)
ADV-2010-0496 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
inotes-getfilter-csrf(56556) (vdb-entry, x_refsource_XF)