Ibm

Inotes

20 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2017-1659

  • EPSS 0.29%
  • Published 01.07.2020 14:15:13
  • Last modified 21.11.2024 03:22:11

"HCL iNotes is susceptible to a Cross-Site Scripting (XSS) Vulnerability. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials."

6.1

CVE-2013-0594

  • EPSS 0.15%
  • Published 11.07.2018 16:29:00
  • Last modified 21.11.2024 01:47:49

Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. IBM X-Force ID: 83383.

5.4

CVE-2013-0592

  • EPSS 0.13%
  • Published 11.07.2018 16:29:00
  • Last modified 21.11.2024 01:47:49

Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 83815.

7.5

CVE-2013-0589

  • EPSS 0.17%
  • Published 11.07.2018 16:29:00
  • Last modified 21.11.2024 01:47:48

IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to bypass the remote image filtering mechanism and obtain sensitive information via a crafted e-mail message. IBM X-Force ID: 83371.

6.1

CVE-2017-1421

  • EPSS 0.29%
  • Published 13.12.2017 18:29:00
  • Last modified 20.04.2025 01:37:25

IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

6.5

CVE-2017-1130

Exploit
  • EPSS 65.48%
  • Published 05.09.2017 21:29:00
  • Last modified 20.04.2025 01:37:25

IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it would open up many file select dialog boxes which would cause the client hang and have to be restarted. IBM X-Force ID: 121371.

6.5

CVE-2017-1129

Exploit
  • EPSS 68.5%
  • Published 05.09.2017 21:29:00
  • Last modified 20.04.2025 01:37:25

IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it could cause the Notes client to hang and have to be restarted. IBM X-Force ID: 121370.

6.1

CVE-2017-1327

  • EPSS 0.28%
  • Published 03.08.2017 15:29:00
  • Last modified 20.04.2025 01:37:25

IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ses...

6.1

CVE-2017-1332

  • EPSS 0.28%
  • Published 31.07.2017 21:29:00
  • Last modified 20.04.2025 01:37:25

IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ses...

5.7

CVE-2017-1214

  • EPSS 0.36%
  • Published 12.06.2017 19:29:00
  • Last modified 20.04.2025 01:37:25

IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a malformed email to a victim, that when opened could cause an information disclosure. IBM X-Force ID: 123854.