4.3

CVE-2006-4843

Exploit

EPSS 0.76%
Veröffentlicht 29.03.2007 21:19:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified "code sequences" that bypass the protection scheme.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ibm ≫ Lotus Domino Version6.5.0

Ibm ≫ Lotus Domino Version6.5.1

Ibm ≫ Lotus Domino Version6.5.2

Ibm ≫ Lotus Domino Version6.5.3

Ibm ≫ Lotus Domino Version6.5.4

Ibm ≫ Lotus Domino Version6.5.4 Editionfp1

Ibm ≫ Lotus Domino Version6.5.4 Editionfp2

Ibm ≫ Lotus Domino Version6.5.5

Ibm ≫ Lotus Domino Version6.5.5 Editionfp1

Ibm ≫ Lotus Domino Version6.5.5 Editionfp2

Ibm ≫ Lotus Domino Version7.0

Ibm ≫ Lotus Domino Version7.0.1

Ibm ≫ Lotus Domino Version7.0.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.76%	0.723

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

http://secunia.com/advisories/24633

Vendor Advisory

Exploit

http://www.securityfocus.com/bid/23173

http://www.vupen.com/english/advisories/2007/1133

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=493

Vendor Advisory

http://www-1.ibm.com/support/docview.wss?uid=swg21257026

http://www.securitytracker.com/id?1017824

https://exchange.xforce.ibmcloud.com/vulnerabilities/33280

https://nvd.nist.gov/vuln/detail/CVE-2006-4843

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-4843

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-4843

EUVD