CVE-2005-3015 — Cross-site Scripting in IBM Lotus Domino

3 documents3 sources

Severity

4.3MEDIUMNVD

EPSS

0.4%

top 42.28%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Lotus Domino IBM Lotus Domino Enterprise Server

Timeline

PublishedSep 21

Latest updateMay 1

Description

Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 6.5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) BaseTarget or (2) Src parameters.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

▶NVDibm/lotus_domino6.5.2

▶NVDibm/lotus_domino_enterprise_server6.5.2

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-vmcg-wxwv-9jj9: Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 6↗2022-05-01

▶

CVEList

CVE-2005-3015: Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 6↗2005-09-21

▶