Cross-Site Scripting Vulnerability in IBM Domino iNotes
CVE-2013-4064

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Domino; Lotus Inotes
Vendor: CVE Published:; 21 December 2013

Summary

An XSS flaw exists in IBM Domino's iNotes due to improper input validation when ultra-light mode is enabled. This vulnerability allows remote authenticated users to inject arbitrary web scripts or HTML code through unspecified vectors, potentially compromising the security of the application and user data.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/86595

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21659959

x_refsource_CONFIRM

Timeline

Vulnerability published
Dec 21, 2013
Vulnerability Reserved
Jun 7, 2013