Vulnerability Details CVE-2015-0127
IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 through 9.0.0.4, 9.1.0 before 9.1.0.6.1, and 9.1.1 before 9.1.1.0.2 does not properly restrict use of FRAME elements, which allows remote authenticated users to conduct phishing attacks via a crafted web site.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.9%
CVSS Severity
CVSS v2 Score 3.5
References
Products affected by CVE-2015-0127
-
cpe:2.3:a:ibm:leads:7.1.0
-
cpe:2.3:a:ibm:leads:7.1.1
-
cpe:2.3:a:ibm:leads:7.5.0
-
cpe:2.3:a:ibm:leads:8.1.0
-
cpe:2.3:a:ibm:leads:8.2.0
-
cpe:2.3:a:ibm:leads:8.5.0
-
cpe:2.3:a:ibm:leads:8.6.0
-
cpe:2.3:a:ibm:leads:9.0.0
-
cpe:2.3:a:ibm:leads:9.1.0
-
cpe:2.3:a:ibm:leads:9.1.1