CVE-2012-4825 in Lotus Notes Travelerinfo

Summary

Multiple cross-site scripting (XSS) vulnerabilities in servlet/traveler/ILNT.mobileconfig in IBM Lotus Notes Traveler before 8.5.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) userId or (2) address parameter in a getClientConfigFile action.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

09/06/2012

Disclosure

10/08/2012

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
6589	IBM Lotus Notes Traveler ILNT.mobileconfig cross site scripting	79	Proof-of-Concept	Official fix	CVE-2012-4825

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!