Cross-Site Scripting Vulnerability in IBM iNotes by IBM
CVE-2012-5943

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Inotes
Vendor: CVE Published:; 26 March 2013

Summary

A cross-site scripting (XSS) vulnerability exists in IBM iNotes 8.5.x versions prior to 8.5.3 FP4. This flaw allows remote attackers to inject malicious web scripts or HTML into user sessions by exploiting the mail functionality. Victims must interact with the affected content, potentially leading to unauthorized actions or data exposure.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/80538

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21628658

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 26, 2013
Vulnerability Reserved
Nov 21, 2012