CVE-2010-0920

Published Mar 3, 2010

Last updated 15 years ago

Overview

Description: Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to inject arbitrary web script or HTML via vectors related to lack of "XSS/CSRF Get Filter and Referer Check fixes."
Source: cve@mitre.org
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:lotus_inotes:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DA92AB06-5510-4109-AE3A-75834E5F8A00",
            "versionEndIncluding": "229.271"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.011:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "62AF2DA6-98E4-4921-B36C-AA5771B3629E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.021:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3CC0B87F-B742-466D-BF93-56BFECAC2E54"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.031:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "708BEAEF-B186-470D-8148-9C0703B42765"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.041:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83C58751-33AE-4A3F-A096-AB13FC8A64A2"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.051:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01E2E70E-3C00-4AA2-AF8D-349E82806FA3"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.061:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3508BE09-6B84-4819-BC0F-7E23964FE29D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.101:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1A17FFE5-97F5-45D0-8C54-3C22BF1FFA72"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.111:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE8C8052-8980-4265-929B-E27B6A914B4F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.131:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D6C0F89-47E6-4895-909D-6AF8DBFE2477"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.141:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "590EBAF8-04A9-4DAD-9FCF-B1B38FF03374"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.151:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "717F7305-98E1-403D-B08A-6FE1FD83D2C0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.161:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C4B46DA-B4E6-4AB0-AD85-7C77EFE14063"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.171:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1862CF3-0BF2-4F1B-80A9-0B5B02005A1C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.181:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1CC9488A-F368-498E-8CDE-2ADC6AED470B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.191:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2F8C056-91A2-410B-942A-E108B93AD1E7"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.201:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BCD1A2BB-F7FC-4FE1-B633-F0AF79E0F5FB"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.211:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "805C7074-679E-4F11-A055-8C52B4E26F5F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.221:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "840A1975-0C5B-44F0-9F2E-1BBE02AA0484"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.231:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33A29245-F9DA-4F77-91EE-21C1FA3CE784"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.241:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B55ED49B-092B-411B-84AE-847770EE096B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.251:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "483C2E2D-424C-453B-9D51-F53C6B32178B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.261:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4348F385-9AE1-4F8C-9F22-BE50FCA3710B"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F936FD55-AD59-47B3-8591-3F79B2ABB4E9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References