CVE-2006-0663

Currently unrated

Key Information:

Vendor
IBM
Vendor
CVE Published:
13 February 2006

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Lotus Domino iNotes Client 6.5.4 and 7.0 allow remote attackers to inject arbitrary web script or HTML via (1) an email subject; (2) an encoded javascript URI, as demonstrated using "java script:"; or (3) when the Domino Web Access ActiveX control is not installed, via an email attachment filename.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.