header-logo
Suggest Exploit
vendor:
Lotus Domino iNotes
by:
SecurityFocus
4.3
CVSS
MEDIUM
HTML- and Script-Injection
79
CWE
Product Name: Lotus Domino iNotes
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

IBM Lotus Domino iNotes HTML- and Script-Injection Vulnerabilities

IBM Lotus Domino iNotes is prone to multiple HTML- and script-injection vulnerabilities. These vulnerabilities can allow attackers to carry out a variety of attacks, including theft of cookie-based authentication credentials. A proof of concept example for the issue exploited through a 'javascript:' URI is available: <a href="java&#13;script:alert('Vulnerable!');">Link</a> Successful exploitation of this issue may allow attackers to execute arbitrary HTML and script code in the context of the affected application. This may facilitate unauthorized access or privilege escalation.

Mitigation:

Users should avoid visiting untrusted websites and clicking on suspicious links. Additionally, users should always use the latest version of the software.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/16577/info

IBM Lotus Domino iNotes is prone to multiple HTML- and script-injection vulnerabilities.

These vulnerabilities can allow attackers to carry out a variety of attacks, including theft of cookie-based authentication credentials. 

A proof of concept example for the issue exploited through a 'javascript:' URI is available:

<a href="java&#13;script:alert('Vulnerable!');">Link</a>

Navigation

Suggest Exploit

Services By CQR