Vulnerability Details CVE-2015-2014
Open redirect vulnerability in the web server in IBM Domino 8.5 before 8.5.3 FP6 IF9 and 9.0 before 9.0.1 FP4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via a crafted URL, aka SPR SJAR9DNGDA.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.6%
CVSS Severity
CVSS v2 Score 5.8
References
Products affected by CVE-2015-2014
-
cpe:2.3:a:ibm:domino:8.5.0
-
cpe:2.3:a:ibm:domino:8.5.1
-
cpe:2.3:a:ibm:domino:8.5.2
-
cpe:2.3:a:ibm:domino:8.5.3
-
cpe:2.3:a:ibm:domino:9.0.1