Search criteria
40 vulnerabilities found for inotes by ibm
CVE-2017-1659 (GCVE-0-2017-1659)
Vulnerability from nvd – Published: 2020-07-01 13:45 – Updated: 2024-08-05 13:39
VLAI?
Summary
"HCL iNotes is susceptible to a Cross-Site Scripting (XSS) Vulnerability. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials."
Severity ?
No CVSS data available.
CWE
- "Cross-Site Scripting (XSS)"
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | "HCL iNotes" |
Affected:
"Releases previous to version 9.0.1 FP10 are impacted by this vulnerability. Versions 10 and above are not impacted."
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:39:31.561Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0080512"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "\"HCL iNotes\"",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "\"Releases previous to version 9.0.1 FP10 are impacted by this vulnerability. Versions 10 and above are not impacted.\""
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "\"HCL iNotes is susceptible to a Cross-Site Scripting (XSS) Vulnerability. An attacker could use this vulnerability to steal the victim\u0027s cookie-based authentication credentials.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "\"Cross-Site Scripting (XSS)\" ",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-01T13:45:17",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0080512"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@hcl.com",
"ID": "CVE-2017-1659",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "\"HCL iNotes\"",
"version": {
"version_data": [
{
"version_value": "\"Releases previous to version 9.0.1 FP10 are impacted by this vulnerability. Versions 10 and above are not impacted.\""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "\"HCL iNotes is susceptible to a Cross-Site Scripting (XSS) Vulnerability. An attacker could use this vulnerability to steal the victim\u0027s cookie-based authentication credentials.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "\"Cross-Site Scripting (XSS)\" "
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0080512",
"refsource": "MISC",
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0080512"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2017-1659",
"datePublished": "2020-07-01T13:45:17",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-08-05T13:39:31.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0594 (GCVE-0-2013-0594)
Vulnerability from nvd – Published: 2018-07-11 16:00 – Updated: 2024-08-06 14:33
VLAI?
Summary
Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. IBM X-Force ID: 83383.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:05.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622"
},
{
"name": "ibm-inotes-cve20130594-open-redirect(83383)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83383"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. IBM X-Force ID: 83383."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-11T15:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622"
},
{
"name": "ibm-inotes-cve20130594-open-redirect(83383)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83383"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-0594",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. IBM X-Force ID: 83383."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622",
"refsource": "CONFIRM",
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622"
},
{
"name": "ibm-inotes-cve20130594-open-redirect(83383)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83383"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-0594",
"datePublished": "2018-07-11T16:00:00",
"dateReserved": "2012-12-16T00:00:00",
"dateUpdated": "2024-08-06T14:33:05.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0592 (GCVE-0-2013-0592)
Vulnerability from nvd – Published: 2018-07-11 16:00 – Updated: 2024-08-06 14:33
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 83815.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:05.486Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622"
},
{
"name": "ibm-inotes-cve20130592-xss(83815)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83815"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 83815."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-11T15:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622"
},
{
"name": "ibm-inotes-cve20130592-xss(83815)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83815"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-0592",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 83815."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622",
"refsource": "CONFIRM",
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622"
},
{
"name": "ibm-inotes-cve20130592-xss(83815)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83815"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-0592",
"datePublished": "2018-07-11T16:00:00",
"dateReserved": "2012-12-16T00:00:00",
"dateUpdated": "2024-08-06T14:33:05.486Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0589 (GCVE-0-2013-0589)
Vulnerability from nvd – Published: 2018-07-11 16:00 – Updated: 2024-08-06 14:33
VLAI?
Summary
IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to bypass the remote image filtering mechanism and obtain sensitive information via a crafted e-mail message. IBM X-Force ID: 83371.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:05.237Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622"
},
{
"name": "ibm-inotes-cve20130589-info-disclosure(83371)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83371"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to bypass the remote image filtering mechanism and obtain sensitive information via a crafted e-mail message. IBM X-Force ID: 83371."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-11T15:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622"
},
{
"name": "ibm-inotes-cve20130589-info-disclosure(83371)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83371"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-0589",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to bypass the remote image filtering mechanism and obtain sensitive information via a crafted e-mail message. IBM X-Force ID: 83371."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622",
"refsource": "CONFIRM",
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622"
},
{
"name": "ibm-inotes-cve20130589-info-disclosure(83371)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83371"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-0589",
"datePublished": "2018-07-11T16:00:00",
"dateReserved": "2012-12-16T00:00:00",
"dateUpdated": "2024-08-06T14:33:05.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1421 (GCVE-0-2017-1421)
Vulnerability from nvd – Published: 2017-12-13 18:00 – Updated: 2024-09-17 03:28
VLAI?
Summary
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:32:29.606Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "102153",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102153"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22005234"
},
{
"name": "1040015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040015"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/127411"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iNotes",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "8.5.3"
},
{
"status": "affected",
"version": "8.5.2"
},
{
"status": "affected",
"version": "8.5.1"
},
{
"status": "affected",
"version": "8.5"
},
{
"status": "affected",
"version": "8.5.3.6"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "8.5.1.5"
},
{
"status": "affected",
"version": "8.5.2.4"
},
{
"status": "affected",
"version": "8.5.2.1"
},
{
"status": "affected",
"version": "8.5.3.1"
},
{
"status": "affected",
"version": "9.0.1.1"
},
{
"status": "affected",
"version": "8.5.1.1"
},
{
"status": "affected",
"version": "9.0.1.8"
}
]
}
],
"datePublic": "2017-11-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-15T10:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "102153",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102153"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22005234"
},
{
"name": "1040015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040015"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/127411"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-11-28T00:00:00",
"ID": "CVE-2017-1421",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iNotes",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "8.5.3"
},
{
"version_value": "8.5.2"
},
{
"version_value": "8.5.1"
},
{
"version_value": "8.5"
},
{
"version_value": "8.5.3.6"
},
{
"version_value": "9.0.1"
},
{
"version_value": "8.5.1.5"
},
{
"version_value": "8.5.2.4"
},
{
"version_value": "8.5.2.1"
},
{
"version_value": "8.5.3.1"
},
{
"version_value": "9.0.1.1"
},
{
"version_value": "8.5.1.1"
},
{
"version_value": "9.0.1.8"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "102153",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102153"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22005234",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22005234"
},
{
"name": "1040015",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040015"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/127411",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/127411"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1421",
"datePublished": "2017-12-13T18:00:00Z",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-09-17T03:28:55.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1130 (GCVE-0-2017-1130)
Vulnerability from nvd – Published: 2017-09-05 21:00 – Updated: 2024-09-16 21:58
VLAI?
Summary
IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it would open up many file select dialog boxes which would cause the client hang and have to be restarted. IBM X-Force ID: 121371.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:25:17.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121371"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21999384"
},
{
"name": "42604",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42604/"
},
{
"name": "100632",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100632"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Notes",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "8.5.3.6"
},
{
"status": "affected",
"version": "8.5.2.4"
},
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "9.0.1.8"
},
{
"status": "affected",
"version": "8.5.2.1"
}
]
}
],
"datePublic": "2017-08-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it would open up many file select dialog boxes which would cause the client hang and have to be restarted. IBM X-Force ID: 121371."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121371"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21999384"
},
{
"name": "42604",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42604/"
},
{
"name": "100632",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100632"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-08-31T00:00:00",
"ID": "CVE-2017-1130",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Notes",
"version": {
"version_data": [
{
"version_value": "8.5.3.6"
},
{
"version_value": "8.5.2.4"
},
{
"version_value": "9.0"
},
{
"version_value": "9.0.1.8"
},
{
"version_value": "8.5.2.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it would open up many file select dialog boxes which would cause the client hang and have to be restarted. IBM X-Force ID: 121371."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121371",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121371"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21999384",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21999384"
},
{
"name": "42604",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42604/"
},
{
"name": "100632",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100632"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1130",
"datePublished": "2017-09-05T21:00:00Z",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-09-16T21:58:13.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1129 (GCVE-0-2017-1129)
Vulnerability from nvd – Published: 2017-09-05 21:00 – Updated: 2024-09-16 16:38
VLAI?
Summary
IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it could cause the Notes client to hang and have to be restarted. IBM X-Force ID: 121370.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Lotus Expeditor |
Affected:
6.2.1
Affected: 6.2.2 Affected: 6.2.3 |
||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:25:17.474Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42602",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42602/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21999385"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121370"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002103"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Lotus Expeditor",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "6.2.2"
},
{
"status": "affected",
"version": "6.2.3"
}
]
},
{
"product": "Notes",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "8.5.3.6"
},
{
"status": "affected",
"version": "8.5.1.5"
},
{
"status": "affected",
"version": "8.5.2.4"
},
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "9.0.1.8"
}
]
}
],
"datePublic": "2017-08-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it could cause the Notes client to hang and have to be restarted. IBM X-Force ID: 121370."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-06T09:57:02",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "42602",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42602/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21999385"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121370"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002103"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-08-31T00:00:00",
"ID": "CVE-2017-1129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Lotus Expeditor",
"version": {
"version_data": [
{
"version_value": "6.2.1"
},
{
"version_value": "6.2.2"
},
{
"version_value": "6.2.3"
}
]
}
},
{
"product_name": "Notes",
"version": {
"version_data": [
{
"version_value": "8.5.3.6"
},
{
"version_value": "8.5.1.5"
},
{
"version_value": "8.5.2.4"
},
{
"version_value": "9.0"
},
{
"version_value": "9.0.1.8"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it could cause the Notes client to hang and have to be restarted. IBM X-Force ID: 121370."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42602",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42602/"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21999385",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21999385"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121370",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121370"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22002103",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002103"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1129",
"datePublished": "2017-09-05T21:00:00Z",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-09-16T16:38:43.778Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1327 (GCVE-0-2017-1327)
Vulnerability from nvd – Published: 2017-08-03 15:00 – Updated: 2024-09-16 22:16
VLAI?
Summary
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126062.
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:32:29.282Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22003664"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126062"
},
{
"name": "100139",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100139"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iNotes",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "8.5.3"
},
{
"status": "affected",
"version": "8.5.2"
},
{
"status": "affected",
"version": "8.5.1"
},
{
"status": "affected",
"version": "8.5"
},
{
"status": "affected",
"version": "8.5.3.6"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "8.5.1.5"
},
{
"status": "affected",
"version": "8.5.2.4"
},
{
"status": "affected",
"version": "8.5.2.1"
},
{
"status": "affected",
"version": "8.5.3.1"
},
{
"status": "affected",
"version": "9.0.1.1"
},
{
"status": "affected",
"version": "8.5.1.1"
},
{
"status": "affected",
"version": "9.0.1.8"
}
]
}
],
"datePublic": "2017-06-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126062."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-05T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22003664"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126062"
},
{
"name": "100139",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100139"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-06-01T00:00:00",
"ID": "CVE-2017-1327",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iNotes",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "8.5.3"
},
{
"version_value": "8.5.2"
},
{
"version_value": "8.5.1"
},
{
"version_value": "8.5"
},
{
"version_value": "8.5.3.6"
},
{
"version_value": "9.0.1"
},
{
"version_value": "8.5.1.5"
},
{
"version_value": "8.5.2.4"
},
{
"version_value": "8.5.2.1"
},
{
"version_value": "8.5.3.1"
},
{
"version_value": "9.0.1.1"
},
{
"version_value": "8.5.1.1"
},
{
"version_value": "9.0.1.8"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126062."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22003664",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22003664"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126062",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126062"
},
{
"name": "100139",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100139"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1327",
"datePublished": "2017-08-03T15:00:00Z",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-09-16T22:16:08.098Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1332 (GCVE-0-2017-1332)
Vulnerability from nvd – Published: 2017-07-31 21:00 – Updated: 2024-09-16 17:33
VLAI?
Summary
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126234.
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:32:29.303Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22005233"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126234"
},
{
"name": "100028",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iNotes",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "8.5.3"
},
{
"status": "affected",
"version": "8.5.2"
},
{
"status": "affected",
"version": "8.5.1"
},
{
"status": "affected",
"version": "8.5"
},
{
"status": "affected",
"version": "8.5.3.6"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "8.5.1.5"
},
{
"status": "affected",
"version": "8.5.2.4"
},
{
"status": "affected",
"version": "8.5.2.1"
},
{
"status": "affected",
"version": "8.5.3.1"
},
{
"status": "affected",
"version": "9.0.1.1"
},
{
"status": "affected",
"version": "8.5.1.1"
},
{
"status": "affected",
"version": "9.0.1.8"
}
]
}
],
"datePublic": "2017-07-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126234."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-01T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22005233"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126234"
},
{
"name": "100028",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100028"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-07-25T00:00:00",
"ID": "CVE-2017-1332",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iNotes",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "8.5.3"
},
{
"version_value": "8.5.2"
},
{
"version_value": "8.5.1"
},
{
"version_value": "8.5"
},
{
"version_value": "8.5.3.6"
},
{
"version_value": "9.0.1"
},
{
"version_value": "8.5.1.5"
},
{
"version_value": "8.5.2.4"
},
{
"version_value": "8.5.2.1"
},
{
"version_value": "8.5.3.1"
},
{
"version_value": "9.0.1.1"
},
{
"version_value": "8.5.1.1"
},
{
"version_value": "9.0.1.8"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126234."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22005233",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22005233"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126234",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126234"
},
{
"name": "100028",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100028"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1332",
"datePublished": "2017-07-31T21:00:00Z",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-09-16T17:33:16.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1214 (GCVE-0-2017-1214)
Vulnerability from nvd – Published: 2017-06-12 19:00 – Updated: 2024-08-05 13:25
VLAI?
Summary
IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a malformed email to a victim, that when opened could cause an information disclosure. IBM X-Force ID: 123854.
Severity ?
No CVSS data available.
CWE
- Obtain Information
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:25:17.535Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038654",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038654"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123854"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002015"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iNotes",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "8.5.3"
},
{
"status": "affected",
"version": "8.5.2"
},
{
"status": "affected",
"version": "8.5.1"
},
{
"status": "affected",
"version": "8.5"
},
{
"status": "affected",
"version": "8.5.3.6"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "8.5.1.5"
},
{
"status": "affected",
"version": "8.5.2.4"
},
{
"status": "affected",
"version": "8.5.2.1"
},
{
"status": "affected",
"version": "8.5.3.1"
},
{
"status": "affected",
"version": "9.0.1.1"
},
{
"status": "affected",
"version": "8.5.1.1"
},
{
"status": "affected",
"version": "9.0.1.8"
}
]
}
],
"datePublic": "2017-06-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a malformed email to a victim, that when opened could cause an information disclosure. IBM X-Force ID: 123854."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-07T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "1038654",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038654"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123854"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002015"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2017-1214",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iNotes",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "8.5.3"
},
{
"version_value": "8.5.2"
},
{
"version_value": "8.5.1"
},
{
"version_value": "8.5"
},
{
"version_value": "8.5.3.6"
},
{
"version_value": "9.0.1"
},
{
"version_value": "8.5.1.5"
},
{
"version_value": "8.5.2.4"
},
{
"version_value": "8.5.2.1"
},
{
"version_value": "8.5.3.1"
},
{
"version_value": "9.0.1.1"
},
{
"version_value": "8.5.1.1"
},
{
"version_value": "9.0.1.8"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a malformed email to a victim, that when opened could cause an information disclosure. IBM X-Force ID: 123854."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038654",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038654"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123854",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123854"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22002015",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002015"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1214",
"datePublished": "2017-06-12T19:00:00",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-08-05T13:25:17.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1325 (GCVE-0-2017-1325)
Vulnerability from nvd – Published: 2017-05-26 16:00 – Updated: 2024-08-05 13:32
VLAI?
Summary
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125976.
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:32:28.414Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038600",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038600"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22003497"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125976"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iNotes",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "8.5.3"
},
{
"status": "affected",
"version": "8.5.2"
},
{
"status": "affected",
"version": "8.5.1"
},
{
"status": "affected",
"version": "8.5"
},
{
"status": "affected",
"version": "8.5.3.6"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "8.5.1.5"
},
{
"status": "affected",
"version": "8.5.2.4"
},
{
"status": "affected",
"version": "8.5.2.1"
},
{
"status": "affected",
"version": "8.5.3.1"
},
{
"status": "affected",
"version": "9.0.1.1"
},
{
"status": "affected",
"version": "8.5.1.1"
},
{
"status": "affected",
"version": "9.0.1.8"
}
]
}
],
"datePublic": "2017-05-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125976."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-07T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "1038600",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038600"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22003497"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125976"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2017-1325",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iNotes",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "8.5.3"
},
{
"version_value": "8.5.2"
},
{
"version_value": "8.5.1"
},
{
"version_value": "8.5"
},
{
"version_value": "8.5.3.6"
},
{
"version_value": "9.0.1"
},
{
"version_value": "8.5.1.5"
},
{
"version_value": "8.5.2.4"
},
{
"version_value": "8.5.2.1"
},
{
"version_value": "8.5.3.1"
},
{
"version_value": "9.0.1.1"
},
{
"version_value": "8.5.1.1"
},
{
"version_value": "9.0.1.8"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125976."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038600",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038600"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22003497",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22003497"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125976",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125976"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1325",
"datePublished": "2017-05-26T16:00:00",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-08-05T13:32:28.414Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9990 (GCVE-0-2016-9990)
Vulnerability from nvd – Published: 2017-03-31 18:00 – Updated: 2024-08-06 03:07
VLAI?
Summary
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998824.
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | iNotes |
Affected:
9.0
Affected: 8.5.3 Affected: 8.5.2 Affected: 8.5.1 Affected: 8.5 Affected: 8.0.2 Affected: 8.5.3.6 Affected: 9.0.1 Affected: 8.58.5.3 Affected: 8.5.1.5 Affected: 8.5.2.4 Affected: 9.0.1.7 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:07:31.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038145",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038145"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998824"
},
{
"name": "97151",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97151"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iNotes",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "8.5.3"
},
{
"status": "affected",
"version": "8.5.2"
},
{
"status": "affected",
"version": "8.5.1"
},
{
"status": "affected",
"version": "8.5"
},
{
"status": "affected",
"version": "8.0.2"
},
{
"status": "affected",
"version": "8.5.3.6"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "8.58.5.3"
},
{
"status": "affected",
"version": "8.5.1.5"
},
{
"status": "affected",
"version": "8.5.2.4"
},
{
"status": "affected",
"version": "9.0.1.7"
}
]
}
],
"datePublic": "2017-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998824."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-11T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "1038145",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038145"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998824"
},
{
"name": "97151",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97151"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-9990",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iNotes",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "8.5.3"
},
{
"version_value": "8.5.2"
},
{
"version_value": "8.5.1"
},
{
"version_value": "8.5"
},
{
"version_value": "8.0.2"
},
{
"version_value": "8.5.3.6"
},
{
"version_value": "9.0.1"
},
{
"version_value": "8.58.5.3"
},
{
"version_value": "8.5.1.5"
},
{
"version_value": "8.5.2.4"
},
{
"version_value": "9.0.1.7"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998824."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038145",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038145"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21998824",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998824"
},
{
"name": "97151",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97151"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-9990",
"datePublished": "2017-03-31T18:00:00",
"dateReserved": "2016-12-16T00:00:00",
"dateUpdated": "2024-08-06T03:07:31.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5883 (GCVE-0-2016-5883)
Vulnerability from nvd – Published: 2017-02-23 16:00 – Updated: 2024-08-06 01:15
VLAI?
Summary
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1997010.
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | iNotes |
Affected:
9.0
Affected: 8.5.3 Affected: 8.5.2 Affected: 8.5.1 Affected: 8.5 Affected: 8.0.2 Affected: 8.5.3.6 Affected: 9.0.1 Affected: 8.58.5.3 Affected: Fix Affected: Pack Affected: 6 Affected: Interim Affected: 1 Affected: 8.5.x Affected: 8.5.1.5 Affected: 8.5.2.4 Affected: 9.0.1.7 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:09.823Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96168",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96168"
},
{
"name": "1037790",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037790"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21997010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iNotes",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "8.5.3"
},
{
"status": "affected",
"version": "8.5.2"
},
{
"status": "affected",
"version": "8.5.1"
},
{
"status": "affected",
"version": "8.5"
},
{
"status": "affected",
"version": "8.0.2"
},
{
"status": "affected",
"version": "8.5.3.6"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "8.58.5.3"
},
{
"status": "affected",
"version": "Fix"
},
{
"status": "affected",
"version": "Pack"
},
{
"status": "affected",
"version": "6"
},
{
"status": "affected",
"version": "Interim"
},
{
"status": "affected",
"version": "1"
},
{
"status": "affected",
"version": "8.5.x"
},
{
"status": "affected",
"version": "8.5.1.5"
},
{
"status": "affected",
"version": "8.5.2.4"
},
{
"status": "affected",
"version": "9.0.1.7"
}
]
}
],
"datePublic": "2017-01-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1997010."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-24T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "96168",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96168"
},
{
"name": "1037790",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037790"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21997010"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-5883",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iNotes",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "8.5.3"
},
{
"version_value": "8.5.2"
},
{
"version_value": "8.5.1"
},
{
"version_value": "8.5"
},
{
"version_value": "8.0.2"
},
{
"version_value": "8.5.3.6"
},
{
"version_value": "9.0.1"
},
{
"version_value": "8.58.5.3"
},
{
"version_value": "Fix"
},
{
"version_value": "Pack"
},
{
"version_value": "6"
},
{
"version_value": "Interim"
},
{
"version_value": "1"
},
{
"version_value": "8.5.x"
},
{
"version_value": "8.5.1.5"
},
{
"version_value": "8.5.2.4"
},
{
"version_value": "9.0.1.7"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1997010."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96168",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96168"
},
{
"name": "1037790",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037790"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21997010",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21997010"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-5883",
"datePublished": "2017-02-23T16:00:00",
"dateReserved": "2016-06-29T00:00:00",
"dateUpdated": "2024-08-06T01:15:09.823Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5881 (GCVE-0-2016-5881)
Vulnerability from nvd – Published: 2017-02-01 22:00 – Updated: 2024-08-06 01:15
VLAI?
Summary
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | iNotes |
Affected:
9.0
Affected: 8.5.3 Affected: 8.5.2 Affected: 8.5.1 Affected: 8.5 Affected: 8.0.2 Affected: 8.5.3.6 Affected: 9.0.1 Affected: 8.58.5.3 Affected: Fix Affected: Pack Affected: 6 Affected: Interim Affected: 1 Affected: 8.5.x Affected: 8.5.1.5 Affected: 8.5.2.4 Affected: 9.0.1.7 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:09.894Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1037592",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037592"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995122"
},
{
"name": "95459",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95459"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iNotes",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "8.5.3"
},
{
"status": "affected",
"version": "8.5.2"
},
{
"status": "affected",
"version": "8.5.1"
},
{
"status": "affected",
"version": "8.5"
},
{
"status": "affected",
"version": "8.0.2"
},
{
"status": "affected",
"version": "8.5.3.6"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "8.58.5.3"
},
{
"status": "affected",
"version": "Fix"
},
{
"status": "affected",
"version": "Pack"
},
{
"status": "affected",
"version": "6"
},
{
"status": "affected",
"version": "Interim"
},
{
"status": "affected",
"version": "1"
},
{
"status": "affected",
"version": "8.5.x"
},
{
"status": "affected",
"version": "8.5.1.5"
},
{
"status": "affected",
"version": "8.5.2.4"
},
{
"status": "affected",
"version": "9.0.1.7"
}
]
}
],
"datePublic": "2017-01-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-26T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "1037592",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037592"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995122"
},
{
"name": "95459",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95459"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-5881",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iNotes",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "8.5.3"
},
{
"version_value": "8.5.2"
},
{
"version_value": "8.5.1"
},
{
"version_value": "8.5"
},
{
"version_value": "8.0.2"
},
{
"version_value": "8.5.3.6"
},
{
"version_value": "9.0.1"
},
{
"version_value": "8.58.5.3"
},
{
"version_value": "Fix"
},
{
"version_value": "Pack"
},
{
"version_value": "6"
},
{
"version_value": "Interim"
},
{
"version_value": "1"
},
{
"version_value": "8.5.x"
},
{
"version_value": "8.5.1.5"
},
{
"version_value": "8.5.2.4"
},
{
"version_value": "9.0.1.7"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1037592",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037592"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21995122",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995122"
},
{
"name": "95459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95459"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-5881",
"datePublished": "2017-02-01T22:00:00",
"dateReserved": "2016-06-29T00:00:00",
"dateUpdated": "2024-08-06T01:15:09.894Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6113 (GCVE-0-2016-6113)
Vulnerability from nvd – Published: 2017-02-01 20:00 – Updated: 2024-08-06 01:22
VLAI?
Summary
IBM Verse is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Domino |
Affected:
8.5.3.5
Affected: 8.5.3.6 Affected: 9.0.1 Affected: 8.5 Affected: 9.0 Affected: 8.5.1 Affected: 8.5.2 Affected: 8.5.3 Affected: 9.0.1.1 Affected: 8.0.2 Affected: 8.0 Affected: 8.0.1 Affected: 8.5.1.5 Affected: 8.5.2.4 Affected: 9.0.1.2 Affected: 8.5.0.1 Affected: 9.0.1.3 Affected: 8.5.1.4 Affected: 9.0.1.4 Affected: 9.0.1.5 Affected: 8.5.1.1 Affected: 9.0.1.6 Affected: 9.0.1.7 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:22:20.775Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94603",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94603"
},
{
"name": "1037383",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037383"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21992835"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Domino",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "8.5.3.5"
},
{
"status": "affected",
"version": "8.5.3.6"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "8.5"
},
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "8.5.1"
},
{
"status": "affected",
"version": "8.5.2"
},
{
"status": "affected",
"version": "8.5.3"
},
{
"status": "affected",
"version": "9.0.1.1"
},
{
"status": "affected",
"version": "8.0.2"
},
{
"status": "affected",
"version": "8.0"
},
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "8.5.1.5"
},
{
"status": "affected",
"version": "8.5.2.4"
},
{
"status": "affected",
"version": "9.0.1.2"
},
{
"status": "affected",
"version": "8.5.0.1"
},
{
"status": "affected",
"version": "9.0.1.3"
},
{
"status": "affected",
"version": "8.5.1.4"
},
{
"status": "affected",
"version": "9.0.1.4"
},
{
"status": "affected",
"version": "9.0.1.5"
},
{
"status": "affected",
"version": "8.5.1.1"
},
{
"status": "affected",
"version": "9.0.1.6"
},
{
"status": "affected",
"version": "9.0.1.7"
}
]
}
],
"datePublic": "2017-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Verse is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-27T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "94603",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94603"
},
{
"name": "1037383",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037383"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21992835"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-6113",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Domino",
"version": {
"version_data": [
{
"version_value": "8.5.3.5"
},
{
"version_value": "8.5.3.6"
},
{
"version_value": "9.0.1"
},
{
"version_value": "8.5"
},
{
"version_value": "9.0"
},
{
"version_value": "8.5.1"
},
{
"version_value": "8.5.2"
},
{
"version_value": "8.5.3"
},
{
"version_value": "9.0.1.1"
},
{
"version_value": "8.0.2"
},
{
"version_value": "8.0"
},
{
"version_value": "8.0.1"
},
{
"version_value": "8.5.1.5"
},
{
"version_value": "8.5.2.4"
},
{
"version_value": "9.0.1.2"
},
{
"version_value": "8.5.0.1"
},
{
"version_value": "9.0.1.3"
},
{
"version_value": "8.5.1.4"
},
{
"version_value": "9.0.1.4"
},
{
"version_value": "9.0.1.5"
},
{
"version_value": "8.5.1.1"
},
{
"version_value": "9.0.1.6"
},
{
"version_value": "9.0.1.7"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Verse is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94603",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94603"
},
{
"name": "1037383",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037383"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21992835",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21992835"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-6113",
"datePublished": "2017-02-01T20:00:00",
"dateReserved": "2016-06-29T00:00:00",
"dateUpdated": "2024-08-06T01:22:20.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5884 (GCVE-0-2016-5884)
Vulnerability from nvd – Published: 2017-02-01 20:00 – Updated: 2024-08-06 01:15
VLAI?
Summary
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | IBM Domino 8.5.3.5, 8.5.3.6, 9.0.1, 8.5, 9.0, 8.5.1, 8.5.2, 8.5.3, 9.0.1.1, 8.0.2, 8.0, 8.0.1, 8.5.1.5, 8.5.2.4, 9.0.1.2, 8.5.0.1, 9.0.1.3, 8.5.1.4, 9.0.1.4, 9.0.1.5, 8.5.1.1, 9.0.1.6, 9.0.1.7 |
Affected:
IBM Domino 8.5.3.5, 8.5.3.6, 9.0.1, 8.5, 9.0, 8.5.1, 8.5.2, 8.5.3, 9.0.1.1, 8.0.2, 8.0, 8.0.1, 8.5.1.5, 8.5.2.4, 9.0.1.2, 8.5.0.1, 9.0.1.3, 8.5.1.4, 9.0.1.4, 9.0.1.5, 8.5.1.1, 9.0.1.6, 9.0.1.7
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:10.233Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94602",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94602"
},
{
"name": "1037383",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037383"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21992835"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IBM Domino 8.5.3.5, 8.5.3.6, 9.0.1, 8.5, 9.0, 8.5.1, 8.5.2, 8.5.3, 9.0.1.1, 8.0.2, 8.0, 8.0.1, 8.5.1.5, 8.5.2.4, 9.0.1.2, 8.5.0.1, 9.0.1.3, 8.5.1.4, 9.0.1.4, 9.0.1.5, 8.5.1.1, 9.0.1.6, 9.0.1.7",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IBM Domino 8.5.3.5, 8.5.3.6, 9.0.1, 8.5, 9.0, 8.5.1, 8.5.2, 8.5.3, 9.0.1.1, 8.0.2, 8.0, 8.0.1, 8.5.1.5, 8.5.2.4, 9.0.1.2, 8.5.0.1, 9.0.1.3, 8.5.1.4, 9.0.1.4, 9.0.1.5, 8.5.1.1, 9.0.1.6, 9.0.1.7"
}
]
}
],
"datePublic": "2017-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-27T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "94602",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94602"
},
{
"name": "1037383",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037383"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21992835"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-5884",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IBM Domino 8.5.3.5, 8.5.3.6, 9.0.1, 8.5, 9.0, 8.5.1, 8.5.2, 8.5.3, 9.0.1.1, 8.0.2, 8.0, 8.0.1, 8.5.1.5, 8.5.2.4, 9.0.1.2, 8.5.0.1, 9.0.1.3, 8.5.1.4, 9.0.1.4, 9.0.1.5, 8.5.1.1, 9.0.1.6, 9.0.1.7",
"version": {
"version_data": [
{
"version_value": "IBM Domino 8.5.3.5, 8.5.3.6, 9.0.1, 8.5, 9.0, 8.5.1, 8.5.2, 8.5.3, 9.0.1.1, 8.0.2, 8.0, 8.0.1, 8.5.1.5, 8.5.2.4, 9.0.1.2, 8.5.0.1, 9.0.1.3, 8.5.1.4, 9.0.1.4, 9.0.1.5, 8.5.1.1, 9.0.1.6, 9.0.1.7"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94602",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94602"
},
{
"name": "1037383",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037383"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21992835",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21992835"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-5884",
"datePublished": "2017-02-01T20:00:00",
"dateReserved": "2016-06-29T00:00:00",
"dateUpdated": "2024-08-06T01:15:10.233Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1659 (GCVE-0-2017-1659)
Vulnerability from cvelistv5 – Published: 2020-07-01 13:45 – Updated: 2024-08-05 13:39
VLAI?
Summary
"HCL iNotes is susceptible to a Cross-Site Scripting (XSS) Vulnerability. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials."
Severity ?
No CVSS data available.
CWE
- "Cross-Site Scripting (XSS)"
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | "HCL iNotes" |
Affected:
"Releases previous to version 9.0.1 FP10 are impacted by this vulnerability. Versions 10 and above are not impacted."
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:39:31.561Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0080512"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "\"HCL iNotes\"",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "\"Releases previous to version 9.0.1 FP10 are impacted by this vulnerability. Versions 10 and above are not impacted.\""
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "\"HCL iNotes is susceptible to a Cross-Site Scripting (XSS) Vulnerability. An attacker could use this vulnerability to steal the victim\u0027s cookie-based authentication credentials.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "\"Cross-Site Scripting (XSS)\" ",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-01T13:45:17",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0080512"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@hcl.com",
"ID": "CVE-2017-1659",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "\"HCL iNotes\"",
"version": {
"version_data": [
{
"version_value": "\"Releases previous to version 9.0.1 FP10 are impacted by this vulnerability. Versions 10 and above are not impacted.\""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "\"HCL iNotes is susceptible to a Cross-Site Scripting (XSS) Vulnerability. An attacker could use this vulnerability to steal the victim\u0027s cookie-based authentication credentials.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "\"Cross-Site Scripting (XSS)\" "
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0080512",
"refsource": "MISC",
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0080512"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2017-1659",
"datePublished": "2020-07-01T13:45:17",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-08-05T13:39:31.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0592 (GCVE-0-2013-0592)
Vulnerability from cvelistv5 – Published: 2018-07-11 16:00 – Updated: 2024-08-06 14:33
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 83815.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:05.486Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622"
},
{
"name": "ibm-inotes-cve20130592-xss(83815)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83815"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 83815."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-11T15:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622"
},
{
"name": "ibm-inotes-cve20130592-xss(83815)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83815"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-0592",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 83815."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622",
"refsource": "CONFIRM",
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622"
},
{
"name": "ibm-inotes-cve20130592-xss(83815)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83815"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-0592",
"datePublished": "2018-07-11T16:00:00",
"dateReserved": "2012-12-16T00:00:00",
"dateUpdated": "2024-08-06T14:33:05.486Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0594 (GCVE-0-2013-0594)
Vulnerability from cvelistv5 – Published: 2018-07-11 16:00 – Updated: 2024-08-06 14:33
VLAI?
Summary
Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. IBM X-Force ID: 83383.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:05.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622"
},
{
"name": "ibm-inotes-cve20130594-open-redirect(83383)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83383"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. IBM X-Force ID: 83383."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-11T15:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622"
},
{
"name": "ibm-inotes-cve20130594-open-redirect(83383)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83383"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-0594",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. IBM X-Force ID: 83383."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622",
"refsource": "CONFIRM",
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622"
},
{
"name": "ibm-inotes-cve20130594-open-redirect(83383)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83383"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-0594",
"datePublished": "2018-07-11T16:00:00",
"dateReserved": "2012-12-16T00:00:00",
"dateUpdated": "2024-08-06T14:33:05.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0589 (GCVE-0-2013-0589)
Vulnerability from cvelistv5 – Published: 2018-07-11 16:00 – Updated: 2024-08-06 14:33
VLAI?
Summary
IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to bypass the remote image filtering mechanism and obtain sensitive information via a crafted e-mail message. IBM X-Force ID: 83371.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:05.237Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622"
},
{
"name": "ibm-inotes-cve20130589-info-disclosure(83371)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83371"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to bypass the remote image filtering mechanism and obtain sensitive information via a crafted e-mail message. IBM X-Force ID: 83371."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-11T15:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622"
},
{
"name": "ibm-inotes-cve20130589-info-disclosure(83371)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83371"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-0589",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to bypass the remote image filtering mechanism and obtain sensitive information via a crafted e-mail message. IBM X-Force ID: 83371."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622",
"refsource": "CONFIRM",
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622"
},
{
"name": "ibm-inotes-cve20130589-info-disclosure(83371)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83371"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-0589",
"datePublished": "2018-07-11T16:00:00",
"dateReserved": "2012-12-16T00:00:00",
"dateUpdated": "2024-08-06T14:33:05.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1421 (GCVE-0-2017-1421)
Vulnerability from cvelistv5 – Published: 2017-12-13 18:00 – Updated: 2024-09-17 03:28
VLAI?
Summary
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:32:29.606Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "102153",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102153"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22005234"
},
{
"name": "1040015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040015"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/127411"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iNotes",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "8.5.3"
},
{
"status": "affected",
"version": "8.5.2"
},
{
"status": "affected",
"version": "8.5.1"
},
{
"status": "affected",
"version": "8.5"
},
{
"status": "affected",
"version": "8.5.3.6"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "8.5.1.5"
},
{
"status": "affected",
"version": "8.5.2.4"
},
{
"status": "affected",
"version": "8.5.2.1"
},
{
"status": "affected",
"version": "8.5.3.1"
},
{
"status": "affected",
"version": "9.0.1.1"
},
{
"status": "affected",
"version": "8.5.1.1"
},
{
"status": "affected",
"version": "9.0.1.8"
}
]
}
],
"datePublic": "2017-11-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-15T10:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "102153",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102153"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22005234"
},
{
"name": "1040015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040015"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/127411"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-11-28T00:00:00",
"ID": "CVE-2017-1421",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iNotes",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "8.5.3"
},
{
"version_value": "8.5.2"
},
{
"version_value": "8.5.1"
},
{
"version_value": "8.5"
},
{
"version_value": "8.5.3.6"
},
{
"version_value": "9.0.1"
},
{
"version_value": "8.5.1.5"
},
{
"version_value": "8.5.2.4"
},
{
"version_value": "8.5.2.1"
},
{
"version_value": "8.5.3.1"
},
{
"version_value": "9.0.1.1"
},
{
"version_value": "8.5.1.1"
},
{
"version_value": "9.0.1.8"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "102153",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102153"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22005234",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22005234"
},
{
"name": "1040015",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040015"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/127411",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/127411"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1421",
"datePublished": "2017-12-13T18:00:00Z",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-09-17T03:28:55.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1130 (GCVE-0-2017-1130)
Vulnerability from cvelistv5 – Published: 2017-09-05 21:00 – Updated: 2024-09-16 21:58
VLAI?
Summary
IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it would open up many file select dialog boxes which would cause the client hang and have to be restarted. IBM X-Force ID: 121371.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:25:17.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121371"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21999384"
},
{
"name": "42604",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42604/"
},
{
"name": "100632",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100632"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Notes",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "8.5.3.6"
},
{
"status": "affected",
"version": "8.5.2.4"
},
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "9.0.1.8"
},
{
"status": "affected",
"version": "8.5.2.1"
}
]
}
],
"datePublic": "2017-08-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it would open up many file select dialog boxes which would cause the client hang and have to be restarted. IBM X-Force ID: 121371."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121371"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21999384"
},
{
"name": "42604",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42604/"
},
{
"name": "100632",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100632"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-08-31T00:00:00",
"ID": "CVE-2017-1130",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Notes",
"version": {
"version_data": [
{
"version_value": "8.5.3.6"
},
{
"version_value": "8.5.2.4"
},
{
"version_value": "9.0"
},
{
"version_value": "9.0.1.8"
},
{
"version_value": "8.5.2.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it would open up many file select dialog boxes which would cause the client hang and have to be restarted. IBM X-Force ID: 121371."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121371",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121371"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21999384",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21999384"
},
{
"name": "42604",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42604/"
},
{
"name": "100632",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100632"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1130",
"datePublished": "2017-09-05T21:00:00Z",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-09-16T21:58:13.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1129 (GCVE-0-2017-1129)
Vulnerability from cvelistv5 – Published: 2017-09-05 21:00 – Updated: 2024-09-16 16:38
VLAI?
Summary
IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it could cause the Notes client to hang and have to be restarted. IBM X-Force ID: 121370.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Lotus Expeditor |
Affected:
6.2.1
Affected: 6.2.2 Affected: 6.2.3 |
||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:25:17.474Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42602",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42602/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21999385"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121370"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002103"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Lotus Expeditor",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "6.2.2"
},
{
"status": "affected",
"version": "6.2.3"
}
]
},
{
"product": "Notes",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "8.5.3.6"
},
{
"status": "affected",
"version": "8.5.1.5"
},
{
"status": "affected",
"version": "8.5.2.4"
},
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "9.0.1.8"
}
]
}
],
"datePublic": "2017-08-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it could cause the Notes client to hang and have to be restarted. IBM X-Force ID: 121370."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-06T09:57:02",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "42602",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42602/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21999385"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121370"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002103"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-08-31T00:00:00",
"ID": "CVE-2017-1129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Lotus Expeditor",
"version": {
"version_data": [
{
"version_value": "6.2.1"
},
{
"version_value": "6.2.2"
},
{
"version_value": "6.2.3"
}
]
}
},
{
"product_name": "Notes",
"version": {
"version_data": [
{
"version_value": "8.5.3.6"
},
{
"version_value": "8.5.1.5"
},
{
"version_value": "8.5.2.4"
},
{
"version_value": "9.0"
},
{
"version_value": "9.0.1.8"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it could cause the Notes client to hang and have to be restarted. IBM X-Force ID: 121370."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42602",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42602/"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21999385",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21999385"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121370",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121370"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22002103",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002103"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1129",
"datePublished": "2017-09-05T21:00:00Z",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-09-16T16:38:43.778Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1327 (GCVE-0-2017-1327)
Vulnerability from cvelistv5 – Published: 2017-08-03 15:00 – Updated: 2024-09-16 22:16
VLAI?
Summary
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126062.
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:32:29.282Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22003664"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126062"
},
{
"name": "100139",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100139"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iNotes",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "8.5.3"
},
{
"status": "affected",
"version": "8.5.2"
},
{
"status": "affected",
"version": "8.5.1"
},
{
"status": "affected",
"version": "8.5"
},
{
"status": "affected",
"version": "8.5.3.6"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "8.5.1.5"
},
{
"status": "affected",
"version": "8.5.2.4"
},
{
"status": "affected",
"version": "8.5.2.1"
},
{
"status": "affected",
"version": "8.5.3.1"
},
{
"status": "affected",
"version": "9.0.1.1"
},
{
"status": "affected",
"version": "8.5.1.1"
},
{
"status": "affected",
"version": "9.0.1.8"
}
]
}
],
"datePublic": "2017-06-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126062."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-05T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22003664"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126062"
},
{
"name": "100139",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100139"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-06-01T00:00:00",
"ID": "CVE-2017-1327",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iNotes",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "8.5.3"
},
{
"version_value": "8.5.2"
},
{
"version_value": "8.5.1"
},
{
"version_value": "8.5"
},
{
"version_value": "8.5.3.6"
},
{
"version_value": "9.0.1"
},
{
"version_value": "8.5.1.5"
},
{
"version_value": "8.5.2.4"
},
{
"version_value": "8.5.2.1"
},
{
"version_value": "8.5.3.1"
},
{
"version_value": "9.0.1.1"
},
{
"version_value": "8.5.1.1"
},
{
"version_value": "9.0.1.8"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126062."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22003664",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22003664"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126062",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126062"
},
{
"name": "100139",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100139"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1327",
"datePublished": "2017-08-03T15:00:00Z",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-09-16T22:16:08.098Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1332 (GCVE-0-2017-1332)
Vulnerability from cvelistv5 – Published: 2017-07-31 21:00 – Updated: 2024-09-16 17:33
VLAI?
Summary
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126234.
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:32:29.303Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22005233"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126234"
},
{
"name": "100028",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iNotes",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "8.5.3"
},
{
"status": "affected",
"version": "8.5.2"
},
{
"status": "affected",
"version": "8.5.1"
},
{
"status": "affected",
"version": "8.5"
},
{
"status": "affected",
"version": "8.5.3.6"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "8.5.1.5"
},
{
"status": "affected",
"version": "8.5.2.4"
},
{
"status": "affected",
"version": "8.5.2.1"
},
{
"status": "affected",
"version": "8.5.3.1"
},
{
"status": "affected",
"version": "9.0.1.1"
},
{
"status": "affected",
"version": "8.5.1.1"
},
{
"status": "affected",
"version": "9.0.1.8"
}
]
}
],
"datePublic": "2017-07-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126234."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-01T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22005233"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126234"
},
{
"name": "100028",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100028"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-07-25T00:00:00",
"ID": "CVE-2017-1332",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iNotes",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "8.5.3"
},
{
"version_value": "8.5.2"
},
{
"version_value": "8.5.1"
},
{
"version_value": "8.5"
},
{
"version_value": "8.5.3.6"
},
{
"version_value": "9.0.1"
},
{
"version_value": "8.5.1.5"
},
{
"version_value": "8.5.2.4"
},
{
"version_value": "8.5.2.1"
},
{
"version_value": "8.5.3.1"
},
{
"version_value": "9.0.1.1"
},
{
"version_value": "8.5.1.1"
},
{
"version_value": "9.0.1.8"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126234."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22005233",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22005233"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126234",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126234"
},
{
"name": "100028",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100028"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1332",
"datePublished": "2017-07-31T21:00:00Z",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-09-16T17:33:16.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1214 (GCVE-0-2017-1214)
Vulnerability from cvelistv5 – Published: 2017-06-12 19:00 – Updated: 2024-08-05 13:25
VLAI?
Summary
IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a malformed email to a victim, that when opened could cause an information disclosure. IBM X-Force ID: 123854.
Severity ?
No CVSS data available.
CWE
- Obtain Information
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:25:17.535Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038654",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038654"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123854"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002015"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iNotes",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "8.5.3"
},
{
"status": "affected",
"version": "8.5.2"
},
{
"status": "affected",
"version": "8.5.1"
},
{
"status": "affected",
"version": "8.5"
},
{
"status": "affected",
"version": "8.5.3.6"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "8.5.1.5"
},
{
"status": "affected",
"version": "8.5.2.4"
},
{
"status": "affected",
"version": "8.5.2.1"
},
{
"status": "affected",
"version": "8.5.3.1"
},
{
"status": "affected",
"version": "9.0.1.1"
},
{
"status": "affected",
"version": "8.5.1.1"
},
{
"status": "affected",
"version": "9.0.1.8"
}
]
}
],
"datePublic": "2017-06-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a malformed email to a victim, that when opened could cause an information disclosure. IBM X-Force ID: 123854."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-07T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "1038654",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038654"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123854"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002015"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2017-1214",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iNotes",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "8.5.3"
},
{
"version_value": "8.5.2"
},
{
"version_value": "8.5.1"
},
{
"version_value": "8.5"
},
{
"version_value": "8.5.3.6"
},
{
"version_value": "9.0.1"
},
{
"version_value": "8.5.1.5"
},
{
"version_value": "8.5.2.4"
},
{
"version_value": "8.5.2.1"
},
{
"version_value": "8.5.3.1"
},
{
"version_value": "9.0.1.1"
},
{
"version_value": "8.5.1.1"
},
{
"version_value": "9.0.1.8"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a malformed email to a victim, that when opened could cause an information disclosure. IBM X-Force ID: 123854."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038654",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038654"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123854",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123854"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22002015",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002015"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1214",
"datePublished": "2017-06-12T19:00:00",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-08-05T13:25:17.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1325 (GCVE-0-2017-1325)
Vulnerability from cvelistv5 – Published: 2017-05-26 16:00 – Updated: 2024-08-05 13:32
VLAI?
Summary
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125976.
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:32:28.414Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038600",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038600"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22003497"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125976"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iNotes",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "8.5.3"
},
{
"status": "affected",
"version": "8.5.2"
},
{
"status": "affected",
"version": "8.5.1"
},
{
"status": "affected",
"version": "8.5"
},
{
"status": "affected",
"version": "8.5.3.6"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "8.5.1.5"
},
{
"status": "affected",
"version": "8.5.2.4"
},
{
"status": "affected",
"version": "8.5.2.1"
},
{
"status": "affected",
"version": "8.5.3.1"
},
{
"status": "affected",
"version": "9.0.1.1"
},
{
"status": "affected",
"version": "8.5.1.1"
},
{
"status": "affected",
"version": "9.0.1.8"
}
]
}
],
"datePublic": "2017-05-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125976."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-07T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "1038600",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038600"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22003497"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125976"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2017-1325",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iNotes",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "8.5.3"
},
{
"version_value": "8.5.2"
},
{
"version_value": "8.5.1"
},
{
"version_value": "8.5"
},
{
"version_value": "8.5.3.6"
},
{
"version_value": "9.0.1"
},
{
"version_value": "8.5.1.5"
},
{
"version_value": "8.5.2.4"
},
{
"version_value": "8.5.2.1"
},
{
"version_value": "8.5.3.1"
},
{
"version_value": "9.0.1.1"
},
{
"version_value": "8.5.1.1"
},
{
"version_value": "9.0.1.8"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125976."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038600",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038600"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22003497",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22003497"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125976",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125976"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1325",
"datePublished": "2017-05-26T16:00:00",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-08-05T13:32:28.414Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9990 (GCVE-0-2016-9990)
Vulnerability from cvelistv5 – Published: 2017-03-31 18:00 – Updated: 2024-08-06 03:07
VLAI?
Summary
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998824.
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | iNotes |
Affected:
9.0
Affected: 8.5.3 Affected: 8.5.2 Affected: 8.5.1 Affected: 8.5 Affected: 8.0.2 Affected: 8.5.3.6 Affected: 9.0.1 Affected: 8.58.5.3 Affected: 8.5.1.5 Affected: 8.5.2.4 Affected: 9.0.1.7 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:07:31.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038145",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038145"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998824"
},
{
"name": "97151",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97151"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iNotes",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "8.5.3"
},
{
"status": "affected",
"version": "8.5.2"
},
{
"status": "affected",
"version": "8.5.1"
},
{
"status": "affected",
"version": "8.5"
},
{
"status": "affected",
"version": "8.0.2"
},
{
"status": "affected",
"version": "8.5.3.6"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "8.58.5.3"
},
{
"status": "affected",
"version": "8.5.1.5"
},
{
"status": "affected",
"version": "8.5.2.4"
},
{
"status": "affected",
"version": "9.0.1.7"
}
]
}
],
"datePublic": "2017-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998824."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-11T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "1038145",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038145"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998824"
},
{
"name": "97151",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97151"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-9990",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iNotes",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "8.5.3"
},
{
"version_value": "8.5.2"
},
{
"version_value": "8.5.1"
},
{
"version_value": "8.5"
},
{
"version_value": "8.0.2"
},
{
"version_value": "8.5.3.6"
},
{
"version_value": "9.0.1"
},
{
"version_value": "8.58.5.3"
},
{
"version_value": "8.5.1.5"
},
{
"version_value": "8.5.2.4"
},
{
"version_value": "9.0.1.7"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998824."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038145",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038145"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21998824",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998824"
},
{
"name": "97151",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97151"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-9990",
"datePublished": "2017-03-31T18:00:00",
"dateReserved": "2016-12-16T00:00:00",
"dateUpdated": "2024-08-06T03:07:31.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5883 (GCVE-0-2016-5883)
Vulnerability from cvelistv5 – Published: 2017-02-23 16:00 – Updated: 2024-08-06 01:15
VLAI?
Summary
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1997010.
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | iNotes |
Affected:
9.0
Affected: 8.5.3 Affected: 8.5.2 Affected: 8.5.1 Affected: 8.5 Affected: 8.0.2 Affected: 8.5.3.6 Affected: 9.0.1 Affected: 8.58.5.3 Affected: Fix Affected: Pack Affected: 6 Affected: Interim Affected: 1 Affected: 8.5.x Affected: 8.5.1.5 Affected: 8.5.2.4 Affected: 9.0.1.7 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:09.823Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96168",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96168"
},
{
"name": "1037790",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037790"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21997010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iNotes",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "8.5.3"
},
{
"status": "affected",
"version": "8.5.2"
},
{
"status": "affected",
"version": "8.5.1"
},
{
"status": "affected",
"version": "8.5"
},
{
"status": "affected",
"version": "8.0.2"
},
{
"status": "affected",
"version": "8.5.3.6"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "8.58.5.3"
},
{
"status": "affected",
"version": "Fix"
},
{
"status": "affected",
"version": "Pack"
},
{
"status": "affected",
"version": "6"
},
{
"status": "affected",
"version": "Interim"
},
{
"status": "affected",
"version": "1"
},
{
"status": "affected",
"version": "8.5.x"
},
{
"status": "affected",
"version": "8.5.1.5"
},
{
"status": "affected",
"version": "8.5.2.4"
},
{
"status": "affected",
"version": "9.0.1.7"
}
]
}
],
"datePublic": "2017-01-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1997010."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-24T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "96168",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96168"
},
{
"name": "1037790",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037790"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21997010"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-5883",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iNotes",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "8.5.3"
},
{
"version_value": "8.5.2"
},
{
"version_value": "8.5.1"
},
{
"version_value": "8.5"
},
{
"version_value": "8.0.2"
},
{
"version_value": "8.5.3.6"
},
{
"version_value": "9.0.1"
},
{
"version_value": "8.58.5.3"
},
{
"version_value": "Fix"
},
{
"version_value": "Pack"
},
{
"version_value": "6"
},
{
"version_value": "Interim"
},
{
"version_value": "1"
},
{
"version_value": "8.5.x"
},
{
"version_value": "8.5.1.5"
},
{
"version_value": "8.5.2.4"
},
{
"version_value": "9.0.1.7"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1997010."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96168",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96168"
},
{
"name": "1037790",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037790"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21997010",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21997010"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-5883",
"datePublished": "2017-02-23T16:00:00",
"dateReserved": "2016-06-29T00:00:00",
"dateUpdated": "2024-08-06T01:15:09.823Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5881 (GCVE-0-2016-5881)
Vulnerability from cvelistv5 – Published: 2017-02-01 22:00 – Updated: 2024-08-06 01:15
VLAI?
Summary
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | iNotes |
Affected:
9.0
Affected: 8.5.3 Affected: 8.5.2 Affected: 8.5.1 Affected: 8.5 Affected: 8.0.2 Affected: 8.5.3.6 Affected: 9.0.1 Affected: 8.58.5.3 Affected: Fix Affected: Pack Affected: 6 Affected: Interim Affected: 1 Affected: 8.5.x Affected: 8.5.1.5 Affected: 8.5.2.4 Affected: 9.0.1.7 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:09.894Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1037592",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037592"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995122"
},
{
"name": "95459",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95459"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iNotes",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "8.5.3"
},
{
"status": "affected",
"version": "8.5.2"
},
{
"status": "affected",
"version": "8.5.1"
},
{
"status": "affected",
"version": "8.5"
},
{
"status": "affected",
"version": "8.0.2"
},
{
"status": "affected",
"version": "8.5.3.6"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "8.58.5.3"
},
{
"status": "affected",
"version": "Fix"
},
{
"status": "affected",
"version": "Pack"
},
{
"status": "affected",
"version": "6"
},
{
"status": "affected",
"version": "Interim"
},
{
"status": "affected",
"version": "1"
},
{
"status": "affected",
"version": "8.5.x"
},
{
"status": "affected",
"version": "8.5.1.5"
},
{
"status": "affected",
"version": "8.5.2.4"
},
{
"status": "affected",
"version": "9.0.1.7"
}
]
}
],
"datePublic": "2017-01-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-26T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "1037592",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037592"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995122"
},
{
"name": "95459",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95459"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-5881",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iNotes",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "8.5.3"
},
{
"version_value": "8.5.2"
},
{
"version_value": "8.5.1"
},
{
"version_value": "8.5"
},
{
"version_value": "8.0.2"
},
{
"version_value": "8.5.3.6"
},
{
"version_value": "9.0.1"
},
{
"version_value": "8.58.5.3"
},
{
"version_value": "Fix"
},
{
"version_value": "Pack"
},
{
"version_value": "6"
},
{
"version_value": "Interim"
},
{
"version_value": "1"
},
{
"version_value": "8.5.x"
},
{
"version_value": "8.5.1.5"
},
{
"version_value": "8.5.2.4"
},
{
"version_value": "9.0.1.7"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1037592",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037592"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21995122",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995122"
},
{
"name": "95459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95459"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-5881",
"datePublished": "2017-02-01T22:00:00",
"dateReserved": "2016-06-29T00:00:00",
"dateUpdated": "2024-08-06T01:15:09.894Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}