Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Inotes  >> 8.5.2.1  Security Vulnerabilities
CVE-2017-1659
"HCL iNotes is susceptible to a Cross-Site Scripting (XSS) Vulnerability. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials."
CVSS Score
6.1
EPSS Score
0.003
Published
2020-07-01
CVE-2017-1421
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-12-13
CVE-2017-1129
IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it could cause the Notes client to hang and have to be restarted. IBM X-Force ID: 121370.
CVSS Score
6.5
EPSS Score
0.685
Published
2017-09-05
CVE-2017-1130
IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it would open up many file select dialog boxes which would cause the client hang and have to be restarted. IBM X-Force ID: 121371.
CVSS Score
6.5
EPSS Score
0.655
Published
2017-09-05
CVE-2017-1327
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126062.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-08-03
CVE-2017-1332
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126234.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-07-31
CVE-2017-1214
IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a malformed email to a victim, that when opened could cause an information disclosure. IBM X-Force ID: 123854.
CVSS Score
5.7
EPSS Score
0.002
Published
2017-06-12
CVE-2017-1325
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125976.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-05-26
CVE-2016-9990
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998824.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-03-31
CVE-2016-5883
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1997010.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-02-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved