← back
CVE-2010-0927

CVE-2010-0927

EPSS 1.0%
Cross-site scripting (XSS) vulnerability in help/readme.nsf/Header in the Help component in IBM Lotus Domino 7.x before 7.0.4 and 8.x before 8.0.2 allows remote attackers to inject arbitrary web script or HTML via the BaseTarget parameter in an OpenPage action. NOTE: this may overlap CVE-2010-0920.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://www.cybsec.com/vuln/CYBSEC_Advisory_2010_0301_IBM_%20Lotus_Dominio_Readme_nsf_Reflected_XSS.pdfhttp://www.securityfocus.com/bid/38481