IBM Lotus Domino INotes Cross Site Scripting Vulnerability Network Vulnerability

Summary

The host is installed with IBM Lotus Domino and is prone to cross site scripting vulnerability.

Impact

Successful exploitation will allow remote attackers to inject arbitrary web script. Impact Level: Application

Solution

Upgrade to IBM Lotus Domino version 8.5.3 FP5 IF2 or 9.0 IF5 or later. For more information refer to, http://www-01.ibm.com/support/docview.wss?uid=swg21653149

Insight

The flaw is in the iNotes. No much information is publicly available about this issue.

Affected

IBM Lotus Domino 8.5.3 before FP5 IF2 and 9.0 before IF5.

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://osvdb.org/98815
http://osvdb.org/98816
http://www-01.ibm.com/support/docview.wss?uid=swg21653149
http://xforce.iss.net/xforce/xfdb/87123
http://xforce.iss.net/xforce/xfdb/87125

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-5388, CVE-2013-5389

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Apache Tomcat XML External Entity Information Disclosure Vulnerability
Apple Safari libxml Denial of Service Vulnerability
APC PowerChute Business Edition Unspecified Cross Site Scripting Vulnerability
Apache Tomcat Multiple Vulnerabilities-01 (Nov14)
Adobe Reader Multiple Unspecified Vulnerabilities Jun06 (Mac OS X)

IBM Lotus Domino iNotes Cross Site Scripting Vulnerability

Take action and discover your vulnerabilities