CVE-2015-2014: XSS
First published: Sun Aug 23 2015(Updated: )
Open redirect vulnerability in the web server in IBM Domino 8.5 before 8.5.3 FP6 IF9 and 9.0 before 9.0.1 FP4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via a crafted URL, aka SPR SJAR9DNGDA.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Domino | =8.5.0 | |
| IBM Domino | =8.5.1 | |
| IBM Domino | =8.5.2 | |
| IBM Domino | =8.5.3 | |
| IBM Domino | =9.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/event
- agent/last-modified-date
- agent/tags
- agent/softwarecombine
- agent/first-publish-date
- agent/description
- agent/remedy
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm domino
- version/ibm domino/8.5.0
- version/ibm domino/8.5.1
- version/ibm domino/8.5.2
- version/ibm domino/8.5.3
- version/ibm domino/9.0.1