CVE-2013-5389: XSS
First published: Tue Oct 22 2013(Updated: )
Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9AYK2X.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Lotus Domino Mail Server | =8.5.3.0 | |
| IBM Lotus Domino Mail Server | =9.0.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2013-5389?
CVE-2013-5389 is considered a high severity vulnerability due to its potential for cross-site scripting attacks.
How do I fix CVE-2013-5389?
To mitigate CVE-2013-5389, update to IBM Domino version 8.5.3 FP5 IF2 or 9.0 IF5 or later.
What are the affected versions for CVE-2013-5389?
CVE-2013-5389 affects IBM Domino versions 8.5.3 before FP5 IF2 and 9.0 before IF5.
What type of vulnerability is CVE-2013-5389?
CVE-2013-5389 is a cross-site scripting (XSS) vulnerability.
Can CVE-2013-5389 allow remote attacks?
Yes, CVE-2013-5389 allows remote attackers to inject arbitrary web scripts or HTML.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ibm
- canonical/ibm lotus domino mail server
- version/ibm lotus domino mail server/8.5.3.0
- version/ibm lotus domino mail server/9.0.0.0