Published: 01/05/2013 Updated: 29/08/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in IBM Lotus Notes 8.x prior to 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 allows remote malicious users to inject arbitrary web script or HTML via a SCRIPT element in an HTML e-mail message, aka SPRs JMOY95BLM6 and JMOY95BN49.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ibm lotus notes 8.5.3
ibm lotus notes 8.5.2.3
ibm lotus notes 8.5
ibm lotus notes 8.0.2.2
ibm lotus notes 8.0.2.3
ibm lotus notes 8.5.1.3
ibm lotus notes 8.5.1.4
ibm lotus notes 8.0.2.1
ibm lotus notes 8.5.2.2
ibm lotus notes 8.0.1
ibm lotus notes 8.0.2.4
ibm lotus notes 8.5.0.0
ibm lotus notes 8.5.0.1
ibm lotus notes 8.5.2.1
ibm lotus notes 8.5.3.2
ibm lotus notes 8.0.2
ibm lotus notes 8.0
ibm lotus notes 8.0.2.5
ibm lotus notes 8.0.0
ibm lotus notes 8.0.2.6
ibm lotus notes 8.5.1.5
ibm lotus notes 8.5.3.3
ibm lotus notes 9.0.0.0
ibm lotus notes 8.0.2.0
ibm lotus notes 8.5.1
ibm lotus notes 8.5.1.1
ibm lotus notes 8.5.1.0
ibm lotus notes 8.5.1.2
ibm lotus notes 8.5.3.1
ibm lotus notes 8.5.2.0

CWE-79 http://www-01.ibm.com/support/docview.wss?uid=swg21633819 http://www.kb.cert.org/vuls/id/912420 https://exchange.xforce.ibmcloud.com/vulnerabilities/83270 https://nvd.nist.gov https://www.kb.cert.org/vuls/id/912420

CVE-2013-0538

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect