2 results (0.005 seconds)

CVSS: 4.3EPSS: 0%CPEs: 13EXPL: 0

Cross-site scripting (XSS) vulnerability in the Bookmarks component in IBM Lotus Connections before 4.0 CR3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de comandos en sitios cruzados(XSS) en el componente de marcadores en IBM Lotus Connections v4.0 antes CR3 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1LO74182 http://www-01.ibm.com/support/docview.wss?uid=swg21634538 https://exchange.xforce.ibmcloud.com/vulnerabilities/82265 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 3%CPEs: 1EXPL: 1

Cross-site scripting (XSS) vulnerability in profiles/html/simpleSearch.do in IBM Lotus Connections 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the name parameter. Vulnerabilidad de ejecución de secuencias de comandos remotos en tistios cruzados (XSS) en profiles/html/simpleSearch.do en IBM Lotus Connections v2.0.1, permite a atacantes remotos ejecutar secuencias de comandos web o HTML de su elección a través del parámetro "name". • https://www.exploit-db.com/exploits/33254 http://osvdb.org/58320 http://secunia.com/advisories/36849 http://www-01.ibm.com/support/docview.wss?uid=swg24024414 http://www-1.ibm.com/support/docview.wss?uid=swg1LO44244 http://www.securityfocus.com/bid/36513 http://www.securitytracker.com/id?1022945 http://www.vupen.com/english/advisories/2009/2760 https://exchange.xforce.ibmcloud.com/vulnerabilities/53460 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •