CVE-2006-4843Cross-site Scripting in IBM Lotus Domino

3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
1.4%
top 19.21%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Lotus Domino
Timeline
PublishedMar 29
Latest updateMay 1

Description

Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified "code sequences" that bypass the protection scheme.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDibm/lotus_domino9 versions+8

🔴Vulnerability Details

2
GHSA
GHSA-394f-8grw-xrm8: Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in IBM Lotus Domino before 62022-05-01
CVEList
CVE-2006-4843: Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in IBM Lotus Domino before 62007-03-29
CVE-2006-4843 — Cross-site Scripting in IBM | cvebase