Arbitrary Web Script Injection in iNotes in IBM Domino 8.5.x and 9.0.x

Arbitrary Web Script Injection in iNotes in IBM Domino 8.5.x and 9.0.x

CVE-2013-4063 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via active content in an e-mail message, aka SPRs PTHN9AQMV7 and TCLE98ZKRP.

Learn more about our Cis Benchmark Audit For Ibm I.