Summary
The host is installed with IBM Lotus Domino and is prone to cross site scripting vulnerability.
Impact
Successful exploitation will allow remote authenticated users to hijack the authentication of unspecified victims.
Impact Level: Application
Solution
No solution or patch was made available since disclosure of this vulnerability.
Likely none will be provided anymore as the product is discontinued.General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.
Insight
The flaw is in the webadmin.nsf file in Domino Web Administrator which fails to validate user supplied input properly.
Affected
IBM Lotus Domino 8.5 and 9.0
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2013-4050, CVE-2013-4051, CVE-2013-4055 -
CVSS Base Score: 6.0
AV:N/AC:M/Au:S/C:P/I:P/A:P
Related Vulnerabilities
- Adobe Flex SDK 'SWF' Files Cross-Site Scripting Vulnerability (Windows)
- Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Linux)
- Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Mac OS X)
- Apache /server-info accessible
- Adobe Reader Information Disclosure & Code Execution Vulnerabilities (Linux)