Lucene search
IbmCVE-2012-3302HistoryAug 21, 2012 - 10:46 a.m.
CVE-2012-3302
2012-08-2110:46:10
CWE-79
ibm
web.nvd.nist.gov
31
ibm
lotus domino
xss
vulnerabilities
mail
help
url
security
nvd
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.5
Confidence
High
EPSS
0.002
Percentile
55.1%
Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Domino 7.x and 8.x before 8.5.4 allow remote attackers to inject arbitrary web script or HTML via (1) a URL accessed during use of the Mail template in the WebMail UI or (2) a URL accessed during use of Domino Help through the Domino HTTP server.
Affected configurations
Node
ibmlotus_dominoMatch7.0.1
ORibmlotus_dominoMatch7.0.1.1
ORibmlotus_dominoMatch7.0.2
ORibmlotus_dominoMatch7.0.2.2
ORibmlotus_dominoMatch7.0.3.0
ORibmlotus_dominoMatch7.0.3.1
ORibmlotus_dominoMatch7.0.4.0
ORibmlotus_dominoMatch7.0.4.1
ORibmlotus_dominoMatch7.0.4.2
Node
ibmlotus_dominoMatch8.5.0
ORibmlotus_dominoMatch8.5.0.1
ORibmlotus_dominoMatch8.5.1.1
ORibmlotus_dominoMatch8.5.1.2
ORibmlotus_dominoMatch8.5.1.3
ORibmlotus_dominoMatch8.5.1.4
ORibmlotus_dominoMatch8.5.1.5
ORibmlotus_dominoMatch8.5.2.0
ORibmlotus_dominoMatch8.5.2.1
ORibmlotus_dominoMatch8.5.2.2
ORibmlotus_dominoMatch8.5.2.3
ORibmlotus_dominoMatch8.5.2.4
ORibmlotus_dominoMatch8.5.3.0
ORibmlotus_dominoMatch8.5.3.1
ORibmlotus_dominoMatch8.5.3.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | lotus_domino | 7.0.1 | cpe:2.3:a:ibm:lotus_domino:7.0.1:*:*:*:*:*:*:* |
| ibm | lotus_domino | 7.0.1.1 | cpe:2.3:a:ibm:lotus_domino:7.0.1.1:*:*:*:*:*:*:* |
| ibm | lotus_domino | 7.0.2 | cpe:2.3:a:ibm:lotus_domino:7.0.2:*:*:*:*:*:*:* |
| ibm | lotus_domino | 7.0.2.2 | cpe:2.3:a:ibm:lotus_domino:7.0.2.2:*:*:*:*:*:*:* |
| ibm | lotus_domino | 7.0.3.0 | cpe:2.3:a:ibm:lotus_domino:7.0.3.0:*:*:*:*:*:*:* |
| ibm | lotus_domino | 7.0.3.1 | cpe:2.3:a:ibm:lotus_domino:7.0.3.1:*:*:*:*:*:*:* |
| ibm | lotus_domino | 7.0.4.0 | cpe:2.3:a:ibm:lotus_domino:7.0.4.0:*:*:*:*:*:*:* |
| ibm | lotus_domino | 7.0.4.1 | cpe:2.3:a:ibm:lotus_domino:7.0.4.1:*:*:*:*:*:*:* |
| ibm | lotus_domino | 7.0.4.2 | cpe:2.3:a:ibm:lotus_domino:7.0.4.2:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.0 | cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:* |
Related
prion
prion
Cross site scripting
2012-08-21 10:46:00
cvelist
cvelist
CVE-2012-3302
2012-08-21 10:00:00
securityvulns
securityvulns
XSS and IL vulnerabilities in IBM Lotus Domino
2012-09-03 00:00:00
Multiple XSS vulnerabilities in IBM Lotus Domino
2013-04-01 00:00:00
nvd
nvd
CVE-2012-3302
2012-08-21 10:46:10
packetstorm
packetstorm
Lotus Domino 8.5.4 Cross Site Scripting
2013-03-27 00:00:00
seebug
seebug
IBM Lotus Domino HTTPεεΊε离εθ·¨η«θζ¬ζ§θ‘ζΌζ΄
2012-08-21 00:00:00
IBM Lotus Domino 8.5.3 XSS / HTTP Response Splitting
2012-09-04 00:00:00
openvas
openvas
IBM Lotus Domino HTTP Server Multiple Vulnerabilities
2013-03-27 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.5
Confidence
High
EPSS
0.002
Percentile
55.1%
Related for CVE-2012-3302