Cross-site Scripting Vulnerability in IBM Domino's iNotes Functionality
CVE-2013-3032

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Domino
Vendor: CVE Published:; 9 August 2013

Summary

A cross-site scripting (XSS) vulnerability exists in the MIME email functionality of iNotes in IBM Domino 9.0 prior to IF3. This flaw may allow remote attackers to inject arbitrary web scripts or HTML content through undefined vectors, which can potentially lead to unauthorized actions or data exposure. Organizations using affected versions of IBM Domino should apply the necessary updates to mitigate these risks.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21644599

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg21645503

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/84622

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Aug 9, 2013
Vulnerability Reserved
Apr 12, 2013