Lucene search
HistoryAug 21, 2012 - 10:46 a.m.
CVE-2012-3302
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.6
Confidence
High
EPSS
0.002
Percentile
55.1%
Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Domino 7.x and 8.x before 8.5.4 allow remote attackers to inject arbitrary web script or HTML via (1) a URL accessed during use of the Mail template in the WebMail UI or (2) a URL accessed during use of Domino Help through the Domino HTTP server.
Affected configurations
Node
ibmlotus_dominoMatch7.0.1
ORibmlotus_dominoMatch7.0.1.1
ORibmlotus_dominoMatch7.0.2
ORibmlotus_dominoMatch7.0.2.2
ORibmlotus_dominoMatch7.0.3.0
ORibmlotus_dominoMatch7.0.3.1
ORibmlotus_dominoMatch7.0.4.0
ORibmlotus_dominoMatch7.0.4.1
ORibmlotus_dominoMatch7.0.4.2
Node
ibmlotus_dominoMatch8.5.0
ORibmlotus_dominoMatch8.5.0.1
ORibmlotus_dominoMatch8.5.1.1
ORibmlotus_dominoMatch8.5.1.2
ORibmlotus_dominoMatch8.5.1.3
ORibmlotus_dominoMatch8.5.1.4
ORibmlotus_dominoMatch8.5.1.5
ORibmlotus_dominoMatch8.5.2.0
ORibmlotus_dominoMatch8.5.2.1
ORibmlotus_dominoMatch8.5.2.2
ORibmlotus_dominoMatch8.5.2.3
ORibmlotus_dominoMatch8.5.2.4
ORibmlotus_dominoMatch8.5.3.0
ORibmlotus_dominoMatch8.5.3.1
ORibmlotus_dominoMatch8.5.3.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | lotus_domino | 7.0.1 | cpe:2.3:a:ibm:lotus_domino:7.0.1:*:*:*:*:*:*:* |
| ibm | lotus_domino | 7.0.1.1 | cpe:2.3:a:ibm:lotus_domino:7.0.1.1:*:*:*:*:*:*:* |
| ibm | lotus_domino | 7.0.2 | cpe:2.3:a:ibm:lotus_domino:7.0.2:*:*:*:*:*:*:* |
| ibm | lotus_domino | 7.0.2.2 | cpe:2.3:a:ibm:lotus_domino:7.0.2.2:*:*:*:*:*:*:* |
| ibm | lotus_domino | 7.0.3.0 | cpe:2.3:a:ibm:lotus_domino:7.0.3.0:*:*:*:*:*:*:* |
| ibm | lotus_domino | 7.0.3.1 | cpe:2.3:a:ibm:lotus_domino:7.0.3.1:*:*:*:*:*:*:* |
| ibm | lotus_domino | 7.0.4.0 | cpe:2.3:a:ibm:lotus_domino:7.0.4.0:*:*:*:*:*:*:* |
| ibm | lotus_domino | 7.0.4.1 | cpe:2.3:a:ibm:lotus_domino:7.0.4.1:*:*:*:*:*:*:* |
| ibm | lotus_domino | 7.0.4.2 | cpe:2.3:a:ibm:lotus_domino:7.0.4.2:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.0 | cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:* |
Related
prion
prion
Cross site scripting
2012-08-21 10:46:00
cvelist
cvelist
CVE-2012-3302
2012-08-21 10:00:00
cve
cve
CVE-2012-3302
2012-08-21 10:46:10
securityvulns
securityvulns
XSS and IL vulnerabilities in IBM Lotus Domino
2012-09-03 00:00:00
Multiple XSS vulnerabilities in IBM Lotus Domino
2013-04-01 00:00:00
packetstorm
packetstorm
Lotus Domino 8.5.4 Cross Site Scripting
2013-03-27 00:00:00
seebug
seebug
IBM Lotus Domino HTTPεεΊε离εθ·¨η«θζ¬ζ§θ‘ζΌζ΄
2012-08-21 00:00:00
IBM Lotus Domino 8.5.3 XSS / HTTP Response Splitting
2012-09-04 00:00:00
openvas
openvas
IBM Lotus Domino HTTP Server Multiple Vulnerabilities
2013-03-27 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.6
Confidence
High
EPSS
0.002
Percentile
55.1%
Related for NVD:CVE-2012-3302