IBM iNotes 8.5.3.0

CPE Details

IBM iNotes 8.5.3.0
ibm
inotes
8.5.3.0
2017-04-10
15h04 +00:00
2017-04-10
15h04 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ibm:inotes:8.5.3.0:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

inotes

Version

8.5.3.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2017-1659 2020-07-01 11h45 +00:00 "HCL iNotes is susceptible to a Cross-Site Scripting (XSS) Vulnerability. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials."
6.1
Medium
CVE-2013-0589 2018-07-11 14h00 +00:00 IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to bypass the remote image filtering mechanism and obtain sensitive information via a crafted e-mail message. IBM X-Force ID: 83371.
7.5
High
CVE-2013-0592 2018-07-11 14h00 +00:00 Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 83815.
5.4
Medium
CVE-2013-0594 2018-07-11 14h00 +00:00 Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. IBM X-Force ID: 83383.
6.1
Medium
CVE-2017-1129 2017-09-05 21h00 +00:00 IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it could cause the Notes client to hang and have to be restarted. IBM X-Force ID: 121370.
6.5
Medium
CVE-2017-1130 2017-09-05 21h00 +00:00 IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it would open up many file select dialog boxes which would cause the client hang and have to be restarted. IBM X-Force ID: 121371.
6.5
Medium
CVE-2017-1327 2017-08-03 15h00 +00:00 IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126062.
6.1
Medium
CVE-2017-1332 2017-07-31 21h00 +00:00 IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126234.
6.1
Medium
CVE-2017-1214 2017-06-12 17h00 +00:00 IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a malformed email to a victim, that when opened could cause an information disclosure. IBM X-Force ID: 123854.
5.7
Medium
CVE-2017-1325 2017-05-26 14h00 +00:00 IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125976.
6.1
Medium
CVE-2016-9990 2017-03-31 16h00 +00:00 IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998824.
6.1
Medium
CVE-2016-5883 2017-02-23 15h00 +00:00 IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1997010.
6.1
Medium
CVE-2016-5881 2017-02-01 21h00 +00:00 IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
6.1
Medium
CVE-2016-2938 2017-02-01 19h00 +00:00 IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
6.1
Medium
CVE-2016-2939 2017-02-01 19h00 +00:00 IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
6.1
Medium
CVE-2016-5880 2017-02-01 19h00 +00:00 IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
5.4
Medium
CVE-2016-5882 2017-02-01 19h00 +00:00 IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
6.1
Medium
CVE-2016-5884 2017-02-01 19h00 +00:00 IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
6.1
Medium
CVE-2016-6113 2017-02-01 19h00 +00:00 IBM Verse is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
6.1
Medium