CVE-2006-0662

medium

Description

Cross-site scripting (XSS) vulnerability in Lotus Domino iNotes Client 6.5.4 allows remote attackers to inject arbitrary web script or HTML via email with attached html files, which are directly rendered in the browser.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/24612

http://www.vupen.com/english/advisories/2006/0499

http://www.securityfocus.com/bid/16577

http://www.osvdb.org/23077

http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21229919

http://securitytracker.com/id?1015610

http://secunia.com/secunia_research/2005-38/advisory/

http://secunia.com/advisories/16340

Details

Source: Mitre, NVD

Published: 2006-02-13

Updated: 2017-07-20

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N