XSS in Ibm Lotus_domino
CVE-2013-4064
Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vect…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.002 (37.5th percentile) — read the EPSS interpretation.
Affected products
- Ibm Lotus_domino — versions 8.5.3.0, 8.5.3.1, 8.5.3.2
- Ibm Lotus_inotes — versions 8.5.3.0, 8.5.3.1, 8.5.3.2
- N/a — versions n/a
Weakness classification (CWE)
References
- ibm-inotes-cve20134064-xss(86595) (vdb-entry, x_refsource_XF)
- psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)