Vulnerability Details CVE-2015-0127
IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 through 9.0.0.4, 9.1.0 before 9.1.0.6.1, and 9.1.1 before 9.1.1.0.2 does not properly restrict use of FRAME elements, which allows remote authenticated users to conduct phishing attacks via a crafted web site.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 47.3%
CVSS Severity
CVSS v2 Score 3.5
Products affected by CVE-2015-0127
-
cpe:2.3:a:ibm:leads:7.1.0
-
cpe:2.3:a:ibm:leads:7.1.1
-
cpe:2.3:a:ibm:leads:7.5.0
-
cpe:2.3:a:ibm:leads:8.1.0
-
cpe:2.3:a:ibm:leads:8.2.0
-
cpe:2.3:a:ibm:leads:8.5.0
-
cpe:2.3:a:ibm:leads:8.6.0
-
cpe:2.3:a:ibm:leads:9.0.0
-
cpe:2.3:a:ibm:leads:9.1.0
-
cpe:2.3:a:ibm:leads:9.1.1