CVE-2013-4064

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
2.1LOW
EPSS
0.2%
top 62.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Lotus DominoIBM Lotus Inotes
Timeline
PublishedDec 21
Latest updateMay 17

Description

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9ARMFA.

CVSS vector

AV:N/AC:H/C:N/I:P/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages2 packages

NVDibm/lotus_domino7 versions+6
NVDibm/lotus_inotes7 versions+6

🔴Vulnerability Details

2
GHSA
GHSA-cjqx-3q5g-44mx: Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 82022-05-17
CVEList
CVE-2013-4064: Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 82013-12-21
CVE-2013-4064 (LOW CVSS 2.1) | Cross-site scripting (XSS) vulnerab | cvebase.io