CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2006-0662
https://notcve.org/view.php?id=CVE-2006-0662
13 Feb 2006 — Cross-site scripting (XSS) vulnerability in Lotus Domino iNotes Client 6.5.4 allows remote attackers to inject arbitrary web script or HTML via email with attached html files, which are directly rendered in the browser. • http://secunia.com/advisories/16340 •
CVSS: 6.1EPSS: 2%CPEs: 2EXPL: 4CVE-2006-0663 – IBM Lotus Domino 6.x/7.0 - iNotes JavaScript: Filter Bypass
https://notcve.org/view.php?id=CVE-2006-0663
13 Feb 2006 — Multiple cross-site scripting (XSS) vulnerabilities in Lotus Domino iNotes Client 6.5.4 and 7.0 allow remote attackers to inject arbitrary web script or HTML via (1) an email subject; (2) an encoded javascript URI, as demonstrated using "java script:"; or (3) when the Domino Web Access ActiveX control is not installed, via an email attachment filename. • https://www.exploit-db.com/exploits/27181 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •