Vulnerability Details CVE-2012-4848
Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Foundations Start before 1.2.2c allow remote authenticated users to inject arbitrary web script or HTML via a Webconfig Users user-attribute field, as demonstrated by the (1) First Name or (2) Last Name field.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.4%
CVSS Severity
CVSS v2 Score 3.5
Products affected by CVE-2012-4848
-
cpe:2.3:a:ibm:lotus_foundations_start:1.0
-
cpe:2.3:a:ibm:lotus_foundations_start:1.1
-
cpe:2.3:a:ibm:lotus_foundations_start:1.2
-
cpe:2.3:a:ibm:lotus_foundations_start:1.2.2