CVE-2010-0927: XSS
First published: Fri Mar 05 2010(Updated: )
Cross-site scripting (XSS) vulnerability in help/readme.nsf/Header in the Help component in IBM Lotus Domino 7.x before 7.0.4 and 8.x before 8.0.2 allows remote attackers to inject arbitrary web script or HTML via the BaseTarget parameter in an OpenPage action. NOTE: this may overlap CVE-2010-0920.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Lotus Domino | =7.0.2.2 | |
| IBM Lotus Domino | =7.0.1.1 | |
| IBM Lotus Domino | =7.0.2.1 | |
| IBM Lotus Domino | =7.0.2.3 | |
| IBM Lotus Domino | =7.0.3 | |
| IBM Lotus Domino | =7.0 | |
| IBM Lotus Domino | =7.0.2 | |
| IBM Lotus Domino | =8.0 | |
| IBM Lotus Domino | =7.0.1 | |
| IBM Lotus Domino | =7.0.3.1 | |
| IBM Lotus Domino | =8.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/description
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm lotus domino
- version/ibm lotus domino/7.0.2.2
- version/ibm lotus domino/7.0.1.1
- version/ibm lotus domino/7.0.2.1
- version/ibm lotus domino/7.0.2.3
- version/ibm lotus domino/7.0.3
- version/ibm lotus domino/7.0
- version/ibm lotus domino/7.0.2
- version/ibm lotus domino/8.0
- version/ibm lotus domino/7.0.1
- version/ibm lotus domino/7.0.3.1
- version/ibm lotus domino/8.0.1