PT-2001-2302 · Ibm · Lotus Domino

Published

2001-07-02

Updated

2008-09-05

CVE-2001-1161

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Lotus Domino version 5.0.6

Description A cross-site scripting issue allows remote attackers to execute script on other web clients via a URL that ends in Javascript. This generates an error message that does not quote the resulting script, potentially leading to script execution.

Recommendations For Lotus Domino version 5.0.6, update to a version that fixes this issue, as the current version allows remote attackers to execute malicious scripts on other web clients.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-1161

Affected Products

Lotus Domino

PT-2001-2302 · Ibm · Lotus Domino

CVE-2001-1161

Related Identifiers

Affected Products

References · 7