IBM Lotus Domino INotes Cross Site Scripting Vulnerability Network Vulnerability

Summary

The host is installed with IBM Lotus Domino and is prone to cross site scripting vulnerability.

Impact

Successful exploitation will allow remote attackers to inject arbitrary web script. Impact Level: Application

Solution

Upgrade to IBM Lotus Domino version 8.5.3 FP5 IF2 or 9.0 IF5 or later. For more information refer to, http://www-01.ibm.com/support/docview.wss?uid=swg21653149

Insight

The flaw is in the iNotes. No much information is publicly available about this issue.

Affected

IBM Lotus Domino 8.5.3 before FP5 IF2 and 9.0 before IF5.

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://osvdb.org/98815
http://osvdb.org/98816
http://www-01.ibm.com/support/docview.wss?uid=swg21653149
http://xforce.iss.net/xforce/xfdb/87123
http://xforce.iss.net/xforce/xfdb/87125

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-5388, CVE-2013-5389

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Adobe Digital Edition Information Disclosure Vulnerability (Mac OS X)
Apple Safari Webkit Multiple Vulnerabilities - May13 (Mac OS X)
Adobe Reader Unspecified Vulnerability (Windows)
Adobe Reader Plugin Signature Bypass Vulnerability (Mac OS X)
Apple iTunes Tutorials Window Security Bypass Vulnerability (Windows)

IBM Lotus Domino iNotes Cross Site Scripting Vulnerability

Take action and discover your vulnerabilities