| Vulnerability Name: | CVE-2013-5388 (CCN-87123) | ||||||||
| Assigned: | 2013-10-18 | ||||||||
| Published: | 2013-10-18 | ||||||||
| Updated: | 2017-08-29 | ||||||||
| Summary: | Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9AYK5F. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N) 3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-79 | ||||||||
| Vulnerability Consequences: | Cross-Site Scripting | ||||||||
| References: | Source: MITRE Type: CNA CVE-2013-5388 Source: CCN Type: SA55405 IBM Domino / iNotes Two Script Insertion Vulnerabilities Source: CCN Type: IBM Security Bulletin 1653149 IBM iNotes Stored Cross-Site Scripting Vulnerabilities (CVE-2013-5388, CVE-2013-5389) Source: CONFIRM Type: Vendor Advisory http://www-01.ibm.com/support/docview.wss?uid=swg21653149 Source: CCN Type: BID-63265 IBM iNotes CVE-2013-5388 Unspecified HTML Injection Vulnerability Source: XF Type: UNKNOWN ibm-inotes-cve20135388-xss(87123) Source: XF Type: UNKNOWN inotes-cve20135388-xss(87123) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||