XSS in Ibm Lotus_domino

CVE-2013-4063

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via active content in an e-mail message, aka SPRs PTHN9AQMV7 and…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.002 (46.7th percentile) — read the EPSS interpretation.

Affected products

Ibm Lotus_domino — versions 8.5.3.0, 8.5.3.1, 8.5.3.2
Ibm Lotus_inotes — versions 8.5.3.0, 8.5.3.1, 8.5.3.2
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

References

psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
ibm-inotes-cve20134063-xss(86594) (vdb-entry, x_refsource_XF)