6.5 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
60.1%
The Top Updates implementation in the Homepage component in IBM Lotus Connections 2.5.x before 2.5.0.2, when βforced SSLβ is enabled, uses http for links, which has unspecified impact and remote attack vectors.
secunia.com/advisories/40007
www-01.ibm.com/support/docview.wss?uid=swg21431472
www-1.ibm.com/support/docview.wss?uid=swg1LO48325
www.vupen.com/english/advisories/2010/1281