| Vulnerability Name: | CVE-2004-2310 (CCN-15502) | ||||||||
| Assigned: | 2004-03-17 | ||||||||
| Published: | 2004-03-17 | ||||||||
| Updated: | 2017-07-11 | ||||||||
| Summary: | Cross-site scripting (XSS) vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows remote attackers to inject arbitrary web script or HTML via a Domino command in the Quick Console. | ||||||||
| CVSS v3 Severity: | 3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2004-2310 Source: CCN Type: Dr_insane Advisory Web page IBM Lotus Domino server 6.5.1 webadmin.nsf vulnerabilities Source: MISC Type: UNKNOWN http://members.lycos.co.uk/r34ct/main/ibm_lotus_domino/lotus.txt Source: CCN Type: SA11143 IBM Lotus Domino Server Quick Console Cross-Site Scripting Source: SECUNIA Type: Vendor Advisory 11143 Source: OSVDB Type: UNKNOWN 4306 Source: CCN Type: OSVDB ID: 4306 IBM Lotus Domino Server webadmin.nsf Quick Console XSS Source: BID Type: Exploit 9901 Source: CCN Type: BID-9901 IBM Lotus Domino HTTP webadmin.nsf Quick Console Cross-Site Scripting Vulnerability Source: XF Type: UNKNOWN lotus-domino-webadmin-xss(15502) Source: XF Type: UNKNOWN lotus-domino-webadmin-xss(15502) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||