Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

IBM Lotus Notes RSS Reader Widget HTML Injection Vulnerability (Linux)

Information

Severity

Severity

High

Family

Family

General

CVSSv2 Base

CVSSv2 Base

7.5

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

14 years ago

Modified

Modified

4 years ago

Summary

This host has IBM Lotus Notes installed and is prone to HTML Injection vulnerability.

Insight

Insight

The flaw is due to error in the RSS reader widget, caused when items are saved from an RSS feed as local HTML documents. This can be exploited via a crafted feed.

Affected Software

Affected Software

IBM Lotus Notes Version 8.5 on Linux.

Solution

Solution

Vendor has released a patch to fix the issue. Please see the references for patch details.

Common Vulnerabilities and Exposures (CVE)