CVE-2012-2955

Sažetak

Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allow remote attackers to inject arbitrary web script or HTML via the query string.

Reference

http://osvdb.org/84014
http://secunia.com/advisories/49897
http://www.kb.cert.org/vuls/id/659791
http://www.securityfocus.com/bid/54486
http://www-01.ibm.com/support/docview.wss?uid=swg21605626
https://exchange.xforce.ibmcloud.com/vulnerabilities/76798

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

22-12-2017 - 02:29

Objavljeno

20-07-2012 - 10:40