Total
20 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-1659 | 1 Ibm | 1 Inotes | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
"HCL iNotes is susceptible to a Cross-Site Scripting (XSS) Vulnerability. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials." | |||||
CVE-2017-1421 | 1 Ibm | 1 Inotes | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
CVE-2017-1332 | 1 Ibm | 1 Inotes | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126234. | |||||
CVE-2017-1327 | 1 Ibm | 1 Inotes | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126062. | |||||
CVE-2017-1325 | 1 Ibm | 1 Inotes | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125976. | |||||
CVE-2017-1214 | 1 Ibm | 1 Inotes | 2024-11-21 | 3.5 LOW | 5.7 MEDIUM |
IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a malformed email to a victim, that when opened could cause an information disclosure. IBM X-Force ID: 123854. | |||||
CVE-2017-1130 | 1 Ibm | 1 Inotes | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it would open up many file select dialog boxes which would cause the client hang and have to be restarted. IBM X-Force ID: 121371. | |||||
CVE-2017-1129 | 1 Ibm | 2 Expeditor, Inotes | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it could cause the Notes client to hang and have to be restarted. IBM X-Force ID: 121370. | |||||
CVE-2016-9990 | 1 Ibm | 1 Inotes | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998824. | |||||
CVE-2016-6113 | 1 Ibm | 2 Domino, Inotes | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
IBM Verse is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
CVE-2016-5884 | 1 Ibm | 2 Domino, Inotes | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
CVE-2016-5883 | 1 Ibm | 1 Inotes | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1997010. | |||||
CVE-2016-5882 | 1 Ibm | 2 Domino, Inotes | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
CVE-2016-5881 | 1 Ibm | 1 Inotes | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
CVE-2016-5880 | 1 Ibm | 2 Domino, Inotes | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
CVE-2016-2939 | 1 Ibm | 2 Domino, Inotes | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
CVE-2016-2938 | 1 Ibm | 2 Domino, Inotes | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
CVE-2013-0594 | 1 Ibm | 1 Inotes | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. IBM X-Force ID: 83383. | |||||
CVE-2013-0592 | 1 Ibm | 1 Inotes | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 83815. | |||||
CVE-2013-0589 | 1 Ibm | 1 Inotes | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to bypass the remote image filtering mechanism and obtain sensitive information via a crafted e-mail message. IBM X-Force ID: 83371. |