Lucene search
MitreCVE-2007-1941HistoryApr 11, 2007 - 1:19 a.m.
CVE-2007-1941
2007-04-1101:19:00
mitre
web.nvd.nist.gov
27
cve-2007-1941
ibm lotus notes
xss vulnerability
remote attackers
e-mail injection
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
5.3
Confidence
High
EPSS
0.085
Percentile
94.6%
Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in Domino Web Access (DWA) in IBM Lotus Notes before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via a multipart/related e-mail message, a different issue than CVE-2006-4843.
Affected configurations
Node
ibmlotus_notesMatch6.5.5
ORibmlotus_notesMatch7.0
ORibmlotus_notesMatch7.0.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | lotus_notes | 6.5.5 | cpe:2.3:a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:* |
| ibm | lotus_notes | 7.0 | cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:* |
| ibm | lotus_notes | 7.0.1 | cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2007-1941
2007-04-11 01:00:00
CVE-2006-4843
2007-03-29 21:00:00
prion
prion
Cross site scripting
2007-04-11 01:19:00
Design/Logic Flaw
2007-03-28 22:19:00
nvd
nvd
securityvulns
securityvulns
Lotus Domino multiple security vulnerabilities
2007-03-28 00:00:00
[Full-disclosure] iDefense Security Advisory 03.28.07: IBM Lotus Domino Web Access Cross Site Scripting Vulnerability
2007-03-28 00:00:00
Invalid Lotus Domino Web access sesssion cookie handling
2006-09-12 00:00:00
cve
cve
CVE-2006-4843
2007-03-29 21:19:00
CVE-2007-1740
2007-03-28 22:19:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
5.3
Confidence
High
EPSS
0.085
Percentile
94.6%
Related for CVE-2007-1941