What is the severity of CVE-2013-0591?

CVE-2013-0591 has a medium severity rating, as it allows remote authenticated users to exploit cross-site scripting vulnerabilities.

How do I fix CVE-2013-0591?

To fix CVE-2013-0591, upgrade to IBM Lotus Domino version 8.5.3 FP5 or later to mitigate the XSS vulnerability.

Who is affected by CVE-2013-0591?

CVE-2013-0591 affects users running IBM Lotus Domino versions 8.5.x prior to 8.5.3 FP5.

What types of attacks can exploit CVE-2013-0591?

Attackers can exploit CVE-2013-0591 to inject arbitrary web scripts or HTML into the pages viewed by other users.

Is authentication required to exploit CVE-2013-0591?

Yes, CVE-2013-0591 can only be exploited by remote authenticated users with access to the vulnerable iNotes.

Vulnerability/
CVE-2013-0591

low

3.5

CWE

27/8/2013

6/8/2024

CVE-2013-0591: XSS

First published: Tue Aug 27 2013(Updated: )

Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3, a different vulnerability than CVE-2013-0590.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Lotus Domino R5	=8.5.0
IBM Lotus Domino R5	=8.5.0.1
IBM Lotus Domino R5	=8.5.1
IBM Lotus Domino R5	=8.5.1.1
IBM Lotus Domino R5	=8.5.1.2
IBM Lotus Domino R5	=8.5.1.3
IBM Lotus Domino R5	=8.5.1.4
IBM Lotus Domino R5	=8.5.1.5
IBM Lotus Domino R5	=8.5.2.0
IBM Lotus Domino R5	=8.5.2.1
IBM Lotus Domino R5	=8.5.2.2
IBM Lotus Domino R5	=8.5.2.3
IBM Lotus Domino R5	=8.5.2.4
IBM Lotus Domino R5	=8.5.3.0
IBM Lotus Domino R5	=8.5.3.1
IBM Lotus Domino R5	=8.5.3.2
IBM Lotus Domino R5	=8.5.3.3
IBM Lotus Domino R5	=8.5.3.4
IBM iNotes	=8.5.0.0
IBM iNotes	=8.5.1.0
IBM iNotes	=8.5.2.0
IBM iNotes	=8.5.3.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-0591?
CVE-2013-0591 has a medium severity rating, as it allows remote authenticated users to exploit cross-site scripting vulnerabilities.
How do I fix CVE-2013-0591?
To fix CVE-2013-0591, upgrade to IBM Lotus Domino version 8.5.3 FP5 or later to mitigate the XSS vulnerability.
Who is affected by CVE-2013-0591?
CVE-2013-0591 affects users running IBM Lotus Domino versions 8.5.x prior to 8.5.3 FP5.
What types of attacks can exploit CVE-2013-0591?
Attackers can exploit CVE-2013-0591 to inject arbitrary web scripts or HTML into the pages viewed by other users.
Is authentication required to exploit CVE-2013-0591?
Yes, CVE-2013-0591 can only be exploited by remote authenticated users with access to the vulnerable iNotes.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/author
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/source
agent/weakness
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm lotus domino r5
version/ibm lotus domino r5/8.5.0
version/ibm lotus domino r5/8.5.0.1
version/ibm lotus domino r5/8.5.1
version/ibm lotus domino r5/8.5.1.1
version/ibm lotus domino r5/8.5.1.2
version/ibm lotus domino r5/8.5.1.3
version/ibm lotus domino r5/8.5.1.4
version/ibm lotus domino r5/8.5.1.5
version/ibm lotus domino r5/8.5.2.0
version/ibm lotus domino r5/8.5.2.1
version/ibm lotus domino r5/8.5.2.2
version/ibm lotus domino r5/8.5.2.3
version/ibm lotus domino r5/8.5.2.4
version/ibm lotus domino r5/8.5.3.0
version/ibm lotus domino r5/8.5.3.1
version/ibm lotus domino r5/8.5.3.2
version/ibm lotus domino r5/8.5.3.3
version/ibm lotus domino r5/8.5.3.4
canonical/ibm inotes
version/ibm inotes/8.5.0.0
version/ibm inotes/8.5.1.0
version/ibm inotes/8.5.2.0
version/ibm inotes/8.5.3.0