Lucene search

MitreCVE-2009-3816

HistoryOct 28, 2009 - 10:30 a.m.

CVE-2009-3816

2009-10-2810:30:00

CWE-79

mitre

web.nvd.nist.gov

ibm

lotus connections

xss

vulnerabilities

cve-2009-3816

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.002

Percentile

55.4%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Activities pages in the Mobile subsystem in IBM Lotus Connections 2.5.0.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

Nvd

Node

ibmlotus_connectionsMatch2.5.0.0

VendorProductVersionCPE
ibmlotus_connections2.5.0.0cpe:2.3:a:ibm:lotus_connections:2.5.0.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	lotus_connections	2.5.0.0	cpe:2.3:a:ibm:lotus_connections:2.5.0.0:::::::*

References

secunia.com/advisories/37106

www-01.ibm.com/support/docview.wss?uid=swg24024303

www-1.ibm.com/support/docview.wss?uid=swg1LO43637

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.002

Percentile

55.4%

JSON

Related for CVE-2009-3816