Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in Lotus Domino iNotes Client 6.5.4 and 7.0 allow remote attackers to inject arbitrary web script or HTML via (1) an email subject; (2) an encoded javascript URI, as demonstrated using "java script:"; or (3) when the Domino Web Access ActiveX control is not installed, via an email attachment filename.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Lotus Domino iNotes客户端脚本注入漏洞
Vulnerability Description
IBM Lotus Domino/Notes是一套得到广泛应用的群件系统,iNotes可提供基于WEB的消息系统。 Lotus Domino iNotes客户端中存在多个漏洞,可能允许恶意用户执行脚本注入攻击: 1) 如果用户点击了附件文件(如html文件)的话,就会在站点环境中打开该文件。这可能导致以用户会话的权限执行任意JavaScript代码。 2) 在以浏览器标题显示邮件标题之前没有进行正确的过滤,导致用户浏览邮件时以用户会话的权限执行任意JavaScript 。 3) 可以通过在URL中注入"&
CVSS Information
N/A
Vulnerability Type
N/A