4.3

CVE-2006-4843

Exploit
Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified "code sequences" that bypass the protection scheme.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmLotus Domino Version6.5.0
IbmLotus Domino Version6.5.1
IbmLotus Domino Version6.5.2
IbmLotus Domino Version6.5.3
IbmLotus Domino Version6.5.4
IbmLotus Domino Version6.5.4 Editionfp1
IbmLotus Domino Version6.5.4 Editionfp2
IbmLotus Domino Version6.5.5
IbmLotus Domino Version6.5.5 Editionfp1
IbmLotus Domino Version6.5.5 Editionfp2
IbmLotus Domino Version7.0
IbmLotus Domino Version7.0.1
IbmLotus Domino Version7.0.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.35% 0.679
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/24633
Vendor Advisory
Exploit
http://www.securityfocus.com/bid/23173
http://www.vupen.com/english/advisories/2007/1133
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=493
Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=swg21257026
http://www.securitytracker.com/id?1017824
https://exchange.xforce.ibmcloud.com/vulnerabilities/33280