CVE-2013-5388: XSS
First published: Tue Oct 22 2013(Updated: )
Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9AYK5F.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Lotus Domino R5 | =8.5.3.0 | |
| IBM Lotus Domino R5 | =9.0.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2013-5388?
CVE-2013-5388 is classified as a medium-severity cross-site scripting (XSS) vulnerability.
How do I fix CVE-2013-5388?
To mitigate CVE-2013-5388, it is recommended to upgrade IBM Lotus Domino to version 8.5.3 FP5 IF2 or higher, or 9.0 IF5 or higher.
What are the potential impacts of CVE-2013-5388?
CVE-2013-5388 allows remote attackers to inject arbitrary web scripts or HTML, potentially leading to data theft or session hijacking.
Which versions of IBM Lotus Domino are affected by CVE-2013-5388?
CVE-2013-5388 affects IBM Lotus Domino versions 8.5.3 before FP5 IF2 and 9.0 before IF5.
How can I identify if my system is vulnerable to CVE-2013-5388?
To determine if your system is vulnerable to CVE-2013-5388, check the version of IBM Lotus Domino and verify if it falls below the specified fixed versions.
- agent/type
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ibm
- canonical/ibm lotus domino
- version/ibm lotus domino/8.5.3.0
- version/ibm lotus domino/9.0.0.0